We discovered a new virus

The security community discovers roughly 300,000,000 new viruses every month; and this number increases monthly.

These viruses are usually discovered through automated and distributed efforts within the industry. We operate seemingly vulnerable servers called honeypots. When attacked we capture the malware and submit samples to appropriate feeds for vetting.

LARG*Net operates honeypots and contributes to the effort of making the internet safer.

2018-11-06 14_52_25-VirusTotal.png

The new virus illustrated above is unnamed and will most likely remain that way. It’s a Linux-based worm that uses IRC for command and control. It’s poorly coded and though it can spread, it takes no action when it does.

Currently 28 of 55 antivirus products classify it as a virus and it won't be long before they all agree.

Another a brand new virus variant, shown below, was unknown to virustotal.com before we submitted it. Despite this it already has pretty good protection coverage, 36 of 56 antivirus products classify it as a virus.

2018-11-07 09_07_56-VirusTotal.png

The XorDDoS family of viruses infect Linux devices and mostly attack targets in Asia. We currently know little about this malware though analysts may reverse engineer it to investigate further.

LARG*net will continue to contribute to this effort as it assists with tracking and arresting malware authors, not to mention helping antivirus programs catch viruses before they can do damage.

How do you protect against these threats? IPv6 is almost immune to these types of attackers - start your migration to IPv6 now!