Skip to main content

Mirai Variant Cross-Compiles Attack Code with Aboriginal Linux

posted onAugust 24, 2018
by l33tdawg
Threat Post
Credit: Threat Post

Criminals behind a Mirai botnet have been spotted using an unusual technique: Leveraging an open-source project called Aboriginal Linux to create a compiled binary, with versions of the malware tailored to each targeted platform.

The malware authors are leveraging Aboriginal – a legitimate tool for cross-compilation – to make Mirai executable on a wide variety of internet of things (IoT) devices and platforms, including routers, IP cameras, connected devices and Android devices.

“One of the major pain points for a cross-platform IoT botnet is portability,” wrote Dinesh Venkatesan, principal threat analysis engineer at Symantec, in an writeup Thursday. “The malware must be able to run on different architectures and platforms in a self-contained capsule without any runtime surprises or misconfiguration. This is also an area where many inexperienced malware authors, or script-kiddies, fail if they simply copy/paste and reuse the existing malware code base.”

Source

Tags

Security Linux

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th