Para el funcionamiento correcto del sitio web, debe activar el soporte de JavaScript en su navegador.
Linux.BackDoor.Fgt.2016
Added to the Dr.Web virus database:
2019-02-19
Virus description added:
2019-02-19
Technical Information
Malicious functions:
Launches itself as a daemon
Modifies firewall settings:
Launches processes:
sh -c grep -c ^processor /proc/cpuinfo
grep -c ^processor /proc/cpuinfo
sh -c free -mt|grep \"Total:\"|awk '{print $2}'|head -n1
grep Total:
free -mt
head -n1
awk {print $2}
sh -c if [ -f /usr/bin/yum ]; then cat /etc/system-release|head -n1; elif [ -f /usr/bin/apt-get ]; then lsb_release -d|awk '{$1= \"\"; print $0}'|head -n1;fi
awk {$1= \"\"; print $0}
lsb_release -d
sh -c if [ -f /usr/bin/yum ]; then printf \"Centos/Rhel Based\"; elif [ -f /usr/bin/apt-get ]; then printf \"Debian/Ubuntu Based\";fi
sh -c rm -rf /tmp/* /var/tmp/* /tmp/.* /var/tmp/.*
rm -rf /tmp/* /var/tmp/* /tmp/. /tmp/.. /tmp/.ICE-unix /tmp/.Test-unix /tmp/.X11-unix /tmp/.XIM-unix /tmp/.font-unix /var/tmp/. /var/tmp/..
sh -c rm -rf /var/log/wtmp
rm -rf /var/log/wtmp
sh -c rm -rf /bin/netstat
rm -rf /bin/netstat
sh -c iptables -F
Performs operations with the file system:
Creates or modifies files:
Deletes files:
/tmp/*
/var/tmp/*
/var/log/wtmp
/bin/netstat
Network activity:
Establishes connection:
8.#.8.8:53
31.###.157.206:17769
Attacks using a special dictionary (brute-force technique) via the Telnet protocol.
Sends data to the following servers:
Receives data from the following servers:
Other:
Collects CPU information
Collects RAM information
Curing recommendations
Linux
Free trial
One month (no registration) or three months (registration and renewal discount)
Descargue Dr.Web para Android
Gratis por 3 meses
Todos los componentes de protección
Renovación de la demo a través de AppGallery/Google Pay
Si Vd. continúa usando este sitio web, esto significa que Vd. acepta el uso de archivos Cookie y otras tecnologías para que recabemos las estadísticas sobre los visitantes. Más información
OK