Linux/DDoS [Threat Name] go to Threat

Linux/DDoS.M [Threat Variant Name]

Category trojan
Size 538444 B
Detection created Sep 25, 2014
Detection database version 10464
Aliases Backdoor.Linux.Gafgyt.a (Kaspersky)
  Backdoor:Linux/Shellshock.A (Microsoft)
  Linux.Gafgyt (Symantec)
Short description

The trojan serves as a backdoor. It can be controlled remotely.


The trojan does not create any copies of itself.

Information stealing

The trojan collects the following information:

  • MAC address
  • computer IP address

The trojan can send the information to a remote machine.

Other information

The trojan acquires data and commands from a remote computer or the Internet.

The trojan contains a list of (2) URLs. The UDP, TCP protocol is used.

It can execute the following operations:

  • perform DoS/DDoS attacks
  • execute shell commands
  • terminate running processes
  • perform port scanning
  • connect to remote computers to a specific port
  • send gathered information

Please enable Javascript to ensure correct displaying of this content and refresh this page.