Port No | 667 |
Service Name | Backdoor.Linux.Trinity |
RFC Doc | 0 |
Protocol | TCP |
Description | This malware can be controlled remotely to direct infected machines and launch denial of service (DoS) attacks against systems running Linux or Unix. It also continually attempts to connect to certain IP addresses, generating heavy network traffic and slowing down infected systems. |
Reference Link | Backdoor.Linux.Trinity |
Attack | Solutions: Scan your system with Trend Micro antivirus and delete all files detected as DDOS_TRINITY.A. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other Internet users can use HouseCall, Trend Micro's free online virus scanner. Details: This malware, which runs on Linux and Unix, waits for malicious commands from remote users. It executes these commands to carry out denial of service (DoS) attacks against other machines. These attacks can be further classified as follows: udpflood, fragmentflood, synflood, rstflood, randomflagsflood, ackflood, establishflood, nullflood. The malware also constantly attempts to connect to the following IP addresses, generating heavy network traffic that can slow down the infected system: 204.127.145.17, 216.24.134.10, 208.51.158.10, 199.170.91.114, 207.173.16.33, 207.96.122.250, 205.252.46.98, 216.225.7.155, 205.188.149.3, 207.69.200.131, 207.114.4.35. The following strings can be found in this malware's body: trinity v3 by self (an idle mind is the devil's playground) |