[Utilizer]

Interesting to note the malware distributors were being cautious about how they went about infecting the machines, with only occasional commands sent for longer periods of time while at other times remaining silent for hours or days making it harder to detect.

[9thLife]

Who didn’t see this coming?

[Scutter]

bmfl

[Utilizer]

Ping.

[dadfly]

bookmark

[Utilizer]

Please change author info title from “HMS” to “HNS”. Typo. :)

[Swordmaker]

Thanks for finding this, Utilizer.

[ShadowAce]

[proxy_user]

The big question would be how you manage to install this on servers? Remember, there are no dumb users who will click on a link in an email, it’s a Linux server! Without root access, no malware could be installed.

The following paragraphs are interesting:

“The price of the software is $240, but interestingly enough, there is a link to a site offering a “cracked” version of DirectMailer. The developers explicitly say that they don’t provide technical support for users of pirated versions of DirectMailer downloaded from that site or any other, but the fact that they provide a direct link is strange.”

“The pirated DirectMailer copies contain the Mumblehard backdoor, and when users install them, they give the operators a backdoor to their servers, and allow them to send spam from and proxy traffic through them.”

So in order to get infected, you would have to download the ‘pirated version’, log in as root, and install it. This is a deliberate act by a server administrator who knows he is doing something illegal and risky. I guess end users aren’t the only dumb ones out there.

[for-q-clinton]

Of course if this was windows you’d see a ton of snarky comments. But it’s not so not so much snarky in this thread I bet.