Summary: https://www.hackread.com/acbackdoor-malware-hits-linux-windows-devices/
More in depth: https://www.intezer.com/blog-acbackdoor-analysis-of-a-new-multiplatform-backdoor/
Highlights:
Both variants share the same command and control (C2) server but the infection vectors they use to infect their victims are different: the Windows version is being pushed through malvertising with the help of the Fallout Exploit Kit while the Linux payload is dropped via a yet unknown delivery system.
It is likely the Linux version payload is also delivered via malvertising; however, it is unlikely that it's delivered via the Flash plugin vulnerability.
Yet one more reason why ad servers should either be held accountable for malware damages or be required to have strong record keeping so that clients that dish out malicious scripts can be held accountable.