A malicious Java application is being used for the creation of a cross-platform distributed denial of service (DDoS) botnet, according to a blog post by Kaspersky.
The malware makes use of a vulnerability that allows remote attackers to affect confidentiality, integrity and availability of a system.
“Early this year, we received a malicious Java application for analysis, which turned out to be a multi-platform bot capable of running on Windows, Mac OS and Linux,” said Kaspersky’s Anton Ivanov.
The developers of the malware made use of the Zelix Klassmaster obfuscator, a tool that makes the code unreadable or difficult to understand.
The bot is controlled by its creators through Internet Relay Chat (IRC).
“The bot is controlled via the IRC protocol. This leads us to one more curious feature of this malware – it uses the PircBot open framework to implement communication via IRC. The malware includes all the classes needed for the purpose,” said Ivanov.
The malware’s developers are able to remotely control the address of the computer to be attacked, port number, attack duration and the number of threads to be used in the attack.
Kaspersky said during its analysis of the malware it attempted an attack on a bulk email service.