Linux/Tsunami [Threat Name]
Detection created | 2002-06-26 |
Short description
Linux/Tsunami serves as a backdoor. It can be controlled remotely.
Installation
The trojan does not create any copies of itself.
The trojan can modify the following files:
- /etc/rc.d/rc.local
- /etc/rc.local
- /etc/rc.conf
Other information
The trojan receives data and instructions for further action from the Internet or another remote computer within its own network (botnet).
The trojan contains a list of URLs. The IRC, HTTP protocol is used.
It can execute the following operations:
- download files from a remote computer and/or the Internet
- execute shell commands
- perform DoS/DDoS attacks
The trojan can rename its process name.
Threat Variants with Description
Threat Variant Name | Date Added | Threat Type | |
Linux/Tsunami.NGJ | 2014-07-26 | trojan | |
Linux/Tsunami.NAS | 2014-04-14 | trojan |