Kaiji is a type of malware, specifically a Distributed Denial of Service (DDoS) botnet, with advanced capabilities such as evading detection, establishing persistence on infected systems, and altering Security-Enhanced Linux (SELinux) policies. It typically reaches systems through common vectors such as downloads, emails, or websites. Once inside, it can disrupt operations by overwhelming a target's resources through its DDoS functionality, causing significant damage.
The attackers who used Kaiji also employed a variety of other tools in their operations. Alongside Kaiji, they used custom malware and a cryptocurrency miner known as RUDEDEVIL. Each served a different purpose: Kaiji was used primarily to conduct DDoS attacks, while RUDEDEVIL mined cryptocurrency on the compromised systems.
To maintain their stealth and persist longer on infected systems, the attackers deployed Kaiji together with a script named 00.sh. This script was designed to erase traces of their activity and to terminate any competing mining processes that could expose the operation or reduce its profitability. The combined use of these advanced malware types and sophisticated techniques underscores the evolving complexity of cyber threats.
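One of the behaviours named above, altering SELinux policies, leaves a footprint that a defender can check for directly: the boot-time setting in /etc/selinux/config and the live mode reported by `getenforce` should both match an expected baseline, and they should match each other. The following audit is an added example written for this page; it is not code from the original description, and it does not claim to know how Kaiji specifically modifies SELinux. It assumes only the standard config file format (`SELINUX=enforcing|permissive|disabled`, `SELINUXTYPE=targeted`) and the one-word output of `getenforce`. The sample config texts and modes embedded in the block are constructed for illustration.

```python
"""Audit SELinux mode settings for signs of tampering.

Added example, not part of the original Kaiji description. Assumes the
standard /etc/selinux/config format and the output of `getenforce`.
Sample inputs below are constructed, not taken from a real host.
"""
import re
import subprocess
from pathlib import Path

# Higher rank = stricter mode. A drop in rank relative to the baseline is a finding.
MODE_RANK = {"enforcing": 2, "permissive": 1, "disabled": 0}


def parse_selinux_config(text: str) -> dict:
    """Return KEY=value pairs from /etc/selinux/config-style text, ignoring comments."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"^([A-Z_]+)\s*=\s*(\S+)\s*$", line)
        if m:
            settings[m.group(1)] = m.group(2).lower()
    return settings


def audit_selinux(config_text: str, runtime_mode: str, expected_mode: str = "enforcing") -> list:
    """Compare the on-disk config and the live mode against the expected baseline.

    Returns a list of human-readable findings; an empty list means no deviation.
    """
    findings = []
    settings = parse_selinux_config(config_text)
    configured = settings.get("SELINUX")
    runtime = runtime_mode.strip().lower()
    expected_rank = MODE_RANK[expected_mode]

    # 1. Boot-time setting weaker than baseline (e.g. SELINUX=disabled written to disk).
    if configured is None:
        findings.append("SELINUX= line missing from config (boot-time mode unknown)")
    elif MODE_RANK.get(configured, -1) < expected_rank:
        findings.append(f"boot config sets SELINUX={configured}, expected {expected_mode}")

    # 2. Live mode weaker than baseline (e.g. someone ran `setenforce 0`).
    if MODE_RANK.get(runtime, -1) < expected_rank:
        findings.append(f"live mode is {runtime}, expected {expected_mode}")

    # 3. Live mode differs from boot config: the mode was changed after boot.
    if configured in MODE_RANK and runtime in MODE_RANK and configured != runtime:
        findings.append(f"live mode ({runtime}) differs from boot config ({configured}): changed at runtime")

    return findings


def audit_live_host(config_path: str = "/etc/selinux/config") -> list:
    """Run the audit against the local machine (requires a Linux host with SELinux tooling)."""
    try:
        config_text = Path(config_path).read_text()
    except OSError as exc:
        return [f"cannot read {config_path}: {exc}"]
    try:
        proc = subprocess.run(["getenforce"], capture_output=True, text=True, check=False)
    except FileNotFoundError:
        return ["getenforce not found; SELinux tooling missing"]
    return audit_selinux(config_text, proc.stdout)


# Constructed sample inputs for offline demonstration.
SAMPLE_CONFIG_CLEAN = (
    "# This file controls the state of SELinux on the system.\n"
    "SELINUX=enforcing\n"
    "SELINUXTYPE=targeted\n"
)
SAMPLE_CONFIG_TAMPERED = (
    "# This file controls the state of SELinux on the system.\n"
    "SELINUX=disabled\n"
    "SELINUXTYPE=targeted\n"
)

if __name__ == "__main__":
    for label, cfg, mode in [
        ("clean host", SAMPLE_CONFIG_CLEAN, "Enforcing"),
        ("runtime change only", SAMPLE_CONFIG_CLEAN, "Permissive"),
        ("config rewritten", SAMPLE_CONFIG_TAMPERED, "Permissive"),
    ]:
        print(label, "->", audit_selinux(cfg, mode) or ["no findings"])
```

The three checks are deliberately separate: a weakened boot config survives reboots and points to a file write, a weakened live mode alone points to a runtime command, and a mismatch between the two dates the change to after the last boot. Run `audit_live_host()` from a periodic job or a configuration-management check and alert on any non-empty result.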
Description last updated: 2024-10-17T12:32:32.886Z