Remaiten
   HOME

TheInfoList



Click Here for Items Related To - Remaiten
OR:
Remaiten on:   [Wikipedia]   [Google]   [Amazon]

Remaiten is
malware Malware (a portmanteau for ''malicious software'') is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, depri ...
which infects
Linux Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, which ...
on embedded systems by brute forcing using frequently used default username and
passwords A password, sometimes called a passcode (for example in Apple devices), is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized, but the large number of ...
combinations from a list in order to infect a system. Remaiten combines the features of the Tsunami and LizardStresser (aka Torlus) malware families. The command and control for Remaiten are handled by IRC communications. Additionally the command and control is done by an actual IRC channel rather than only the IRC protocol. This is an improvement over bots such as Tsunami and Torlus making Remaiten a greater threat than both combined. To avoid detection, Remaiten tries to determine the platform of a device to download the architecture-appropriate component from the command & control server. Once Remaiten infects a device it is able to perform actions such as launching distributed denial of service attacks or download more malware on a device. Remaiten is able to scan and remove competing bots on a system compromised by it.


See also

*
Botnet A botnet is a group of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its conn ...
*
Mirai (malware) Mirai (from the Japanese word for "future", 未来) is a malware that turns networked devices running Linux into remotely controlled bots that can be used as part of a botnet in large-scale network attacks. It primarily targets online consumer d ...
*
BASHLITE BASHLITE (also known as Gafgyt, Lizkebab, PinkSlip, Qbot, Torlus and LizardStresser) is malware which infects Linux systems in order to launch distributed denial-of-service attacks (DDoS). Originally it was also known under the name Bashdoor, but ...
*
Linux.Darlloz Linux.Darlloz is a worm which infects Linux embedded systems. Linux.Darlloz was first discovered by Symantec in 2013. Linux.Darlloz targets the Internet of things and infects routers, security cameras, set-top boxes by exploiting a PHP vulner ...
*
Linux.Wifatch Linux.Wifatch is an open-source piece of malware which has been noted for not having been used for malicious actions, instead attempting to secure devices from other malware. Linux.Wifatch operates in a manner similar to a computer security syst ...
*
Hajime (malware) Hajime (Japanese for "beginning") is a malware which appears to be similar to the Wifatch malware in that it appears to attempt to secure devices. Hajime is also far more advanced than Mirai, according to various researchers. The top countries ...


References

{{IoT Malware IoT malware Linux malware Botnets