Doctor Web discovers Linux Trojan written in Rust

[Batu69]

Doctor Web’s specialists have discovered a new Linux Trojan written in the Rust programming language. The Trojan has been named Linux.BackDoor.Irc.16.

 

Linux.BackDoor.Irc.16 is a typical backdoor program that executes commands issued by cybercriminals via the IRC (Internet Relay Chat) protocol. The Trojan connects to the public chat channel specified in its configuration and awaits its instructions.

 

The Trojan can execute just four commands. It can connect to a specified chat channel; send cybercriminals information about an infected computer; send cybercriminals data about the applications running in a system; and delete itself from an infected machine.

 

Unlike the majority of its counterparts, Linux.BackDoor.Irc.16 is written in Rust, a programming language whose creation was sponsored by Mozilla Research. Its first stable version was released in 2015. Linux.BackDoor.Irc.16 was designed to be a cross-platform Trojan—to make a version for Windows, for example, cybercriminals can just recompile this malware program. Doctor Web’s analysts believe that Linux.BackDoor.Irc.16 is, in fact, a prototype (Proof of Concept), because it cannot replicate itself, and the IRC channel used by the Trojan to receive commands from cybercriminals is not currently active.

 

The signature for Linux.BackDoor.Irc.16 is already in the Dr.Web for Linux database, and it is successfully detected and removed by Doctor Web Anti-virus products.

 

More about this Trojan

 

Article source

[pc71520]

For one more time, Dr. Web found what others missed...

[steven36]

DR.web  trying to sell antivirus  for Linux witch  hardly  no one even uses a Antivirus at all on Linux and never have in 25 years   because they mostly only kill windows malware and not Linux malware ..They find maybe 1 Linux Malware  to every 10,000 Windows malware ,Windows antivirus  updates several times a day  with  several new variants of windows malware like clockwork   A 100 sites will write a stroy on Linux malware it sticks out like a sore thumb because its rare  and a 100 sites can write 10,000 articles on different Windows malware and no one pays any mind because everyone is numb to the fact and expect no less from Windows

 

[Kalju]

 The endless russian propaganda, it makes me just laugh.

[steven36]

Not everything is as it seems  ether.  some Antivirus  have been caught writhing  malware  in China one Antivirus ceo  got  a suspended  death sentence for writing there own malware .Even Symantec was sued for making scareware before  fake signatures  in there demo ware pay to remove it software... Symantec closed PC tools down soon after this.  . Kaspersky even wrote fake signatures (false positives ) to catch other vendors stealing . I been on the internet long enough to know all Antivirus lie, the more false positives they have, the more they lie . So I  take all news posted by antivirus vendors with a grain of salt because there trying to sell you something  

 

Hacktool.patcher" "not-a-virus" (lol) "risk-tool" "riskware" etc. lies, lies and more lies! And we have been brainwashed to protect our self with lies and if the real thing shows up most likely it want even find it.  If they can brainwash  wash everyone to keep using Windows like they been doing for the last 40 years Antivirus Vendors , Hackers and Government spooks  all win they got us were they want us. 

 

 

[pc71520]

Either way, the issue remains:

 

On Linux or Windows, Dr. Web has discovered malware others missed.