Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Virus library

An analysis of the technologies used by cybercriminals allows us to draw conclusions about the virus industry’s possible vectors of development and more effectively confront future threats. You, too, can learn what actions various malicious programs take in infected systems and how to withstand them.

Linux.UbntFM in virus library:

A family of worms for different versions of Linux, including Air OS that is developed by Ubiquiti Networks and installed on its devices. It is implemented as bash scripts.

Initially, the Trojans of this family were distributed via a vulnerability in the firmware of devices produced by Ubiquiti. Later version received a function for connection to remote devices via the SSH protocol (ports 22, 2222), with the use of logins “root”, “admin”, “ubnt” and the following passwords:

admin
root
ubnt
ubnt123
password
abcd1234
abcdefgh
qwerty
abc123
111111
123456
123123
123qwe
12345678
admin1
!@#$%^&*
ubiquiti
000000
1q2w3e4r
!Q@W#E$R
1qaz2wsx

In case of successful compromise, new user is added to the system (such logins as “mother ” and “moth3r ” are known) and a key for the access via the SSH protocol. They also install themselves on the compromised device to folder “/etc/persistent/.mf” and get registered in the autorun by modifying file /etc/persistent/rc.poststart.

Linux.UbntFM in virus library:

Vulnerabilities for Android

According to statistics, every fifth program for Android contains a vulnerability (or, in other words, a "loophole") that lets cybercriminals successfully introduce Trojans onto mobile devices and manipulate them into doing whatever actions they need them to.

Dr.Web Security Auditor for Android diagnoses and analyses a mobile device’s security and offers solutions to address security problems and vulnerabilities.