BASHLITE
BASHLITE
Malware for Linux systems
BASHLITE (also known as Gafgyt, Lizkebab, PinkSlip, Qbot, Torlus and LizardStresser) is malware which infects Linux systems in order to launch distributed denial-of-service attacks (DDoS).[1] Originally it was also known under the name Bashdoor,[2] but this term now refers to the exploit method used by the malware. It has been used to launch attacks of up to 400 Gbps.[3]
The original version in 2014 exploited a flaw in the bash shell - the Shellshock software bug - to exploit devices running BusyBox.[4][5][6][7] A few months later a variant was detected that could also infect other vulnerable devices in the local network.[8] In 2015 its source code was leaked, causing a proliferation of different variants,[9] and by 2016 it was reported that one million devices have been infected.[10][11][12][13]
Of the identifiable devices participating in these botnets in August 2016 almost 96 percent were IoT devices (of which 95 percent were cameras and DVRs), roughly 4 percent were home routers - and less than 1 percent were compromised Linux servers.[9]