XorDDoS is Linux malware showing explosive growth

Researchers from the Microsoft 365 Defender Research team have published an in-depth analysis of XorDDoS, also known as XOR DDoS because it uses XOR-based encryption for communication with its C2 server.

According to Microsoft, use of the malware to launch Distributed Denial-of-Service (DDoS) attacks has soared in the last six months, with a growth rate of 240%. The researchers attribute the success of this botnet to its intensive use of various evasion and persistence tactics, which make it invisible and difficult to remove.



Malware also affects Linux systems
More generally, malware targeting Linux has been growing, especially in 2021. The most common families, in addition to XorDDoS, are Mirai and Mozi, although XorDDoS remains the one with the most explosive growth. The number of XorDDoS samples found by security researchers has also increased tenfold over the past year, and this growing trend of attacks targeting Linux systems appears set to continue over the next few months.

Another of the main objectives of hackers using XorDDoS is deploying cryptocurrency miners. In this case the miner known as XMRig was found, which uses the hardware resources of the affected systems to mine coins on behalf of the cybercriminals.