Linux/Gafgyt [Threat Name]
Detection created | 2014-12-02 |
World activity peak | 2018-12-15 (0.01 %) |
Short description
Linux/Gafgyt serves as a backdoor. It can be controlled remotely.
Information stealing
The following information is collected:
- MAC address
- computer IP address
The trojan can send the information to a remote machine.
Other information
The trojan receives data and instructions for further action from the Internet or another remote computer within its own network (botnet).
The trojan contains a list of IP addresses. The IRC, HTTP protocol is used in the communication.
It can execute the following operations:
- download files from a remote computer and/or the Internet
- execute shell commands
- perform DoS/DDoS attacks
- send gathered information
- perform port scanning to detect presence of Telnet service