The gaming sector is the primary target, followed by educational institutions.
Akamai SIRT released a threat advisory this morning authored by Security Response Engineer Tsvetelin Vincent Choranov.
XOR.DDoS relies on Linux machines that were compromised by cracking weak passwords used to protect the command shell.
To check whether your Linux machine is infected by XOR.DDoS malware, use netstat to print any current web/Internet connections.
Use tcpdump to get a more detailed analysis of which packets you are sending out, to identify unknown packets.
You may use any command based on top or on ps to check for running malicious processes.
Malware removal
You can use these pointers to remove XOR.DDoS.
/boot/
/etc/init.d/
/etc/rc.d
/etc/rcX.d
/usr/bin/
/lib/
/lib/udev/udev
/lib/udev/debug
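A triage helper for the locations listed above, as an added example that is not part of the original article or the Akamai advisory: it reports the two /lib/udev entries if they exist and lists files in the listed directories changed within the last N days. The function names, the ROOT argument (so a mounted disk image can be checked), the 7-day default and the reading of the two /lib/udev entries as exact paths are assumptions of this example.

```shell
#!/bin/sh
# Added example: file-system triage for the locations in the list above.
# Usage: sh <this-script> ROOT [DAYS]   (ROOT=/ for the live system, or a mounted image)

# Directories from the list; files changed in the last DAYS days are worth a review.
XOR_DIRS="boot etc/init.d etc/rc.d usr/bin lib"
# Entries read here as exact paths (an assumption of this example): report if present.
XOR_PATHS="lib/udev/udev lib/udev/debug"

# Print each exact path that exists under ROOT.
present_paths() {
    root=${1%/}
    for p in $XOR_PATHS; do
        [ -e "$root/$p" ] && printf '%s\n' "$root/$p"
    done
    return 0
}

# Print files directly inside the listed directories modified within DAYS days.
recent_files() {
    root=${1%/}; days=${2:-7}
    for d in $XOR_DIRS; do
        [ -d "$root/$d" ] || continue
        find "$root/$d" -maxdepth 1 -type f -mtime "-$days" 2>/dev/null
    done
    # /etc/rcX.d: X is the runlevel, so expand it with a glob. Init links are
    # symlinks, so include them (find reports the link's own timestamp).
    for d in "$root"/etc/rc[0-9S].d; do
        [ -d "$d" ] || continue
        find "$d" -maxdepth 1 \( -type f -o -type l \) -mtime "-$days" 2>/dev/null
    done
    return 0
}

triage() {
    echo "== listed paths present =="
    present_paths "$1"
    echo "== files changed in the last ${2:-7} days =="
    recent_files "$1" "${2:-7}"
}

# Run only when a root directory is given on the command line.
[ "$#" -eq 0 ] || triage "$1" "${2:-7}"
```

The output is a list of files to review against your package manager and change records, not proof of infection.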
Refer to Blaze's security blog for a complete analysis of XOR.DDoS.
source: www.techworm.net