Microsoft discovers Windows/Linux botnet used in DDoS attacks


Microsoft researchers have discovered a hybrid Windows-Linux botnet that uses a highly efficient technique to take down Minecraft servers and performs distributed denial-of-service attacks on other platforms.

Dubbed MCCrash, the botnet infects Windows machines and devices running various distributions of Linux for use in DDoS attacks. Among the commands the botnet software accepts is one called ATTACK_MCCRASH. This command populates the user name in a Minecraft server login page with ${env:random payload of specific size:-a}. The string exhausts the resources of the server and makes it crash.

A packet capture showing the TCP payload for crashing Minecraft servers. (credit: Microsoft)

“The usage of the env variable triggers the use of Log4j 2 library, which causes abnormal depletion of system resources (not related to Log4Shell vulnerability), demonstrating a specific and highly efficient DDoS method,” Microsoft researchers wrote. “A wide range of Minecraft server versions can be affected.”
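A defender-side check for the login-name string described above, as an added example that is not from Microsoft's report or the article: it parses one Minecraft Login Start frame and flags names that carry Log4j lookup syntax. The frame layout (uncompressed, VarInt length, packet ID 0x00, length-prefixed name), the 3-16 character name rule, and every function name are assumptions of this example.

```python
import re

# Assumption: Java Edition user names are 3-16 characters of [A-Za-z0-9_].
VALID_NAME = re.compile(r"[A-Za-z0-9_]{3,16}")
# Opener of a Log4j 2 lookup such as "${env:", the form quoted above.
LOOKUP = re.compile(r"\$\{\s*[a-z]+\s*:", re.IGNORECASE)

def read_varint(buf, pos):
    """Decode a Minecraft-protocol VarInt; return (value, next_pos)."""
    value = 0
    for i in range(5):  # a VarInt is at most 5 bytes
        if pos >= len(buf):
            raise ValueError("truncated VarInt")
        byte = buf[pos]
        pos += 1
        value |= (byte & 0x7F) << (7 * i)
        if not byte & 0x80:
            return value, pos
    raise ValueError("VarInt too long")

def login_name(frame):
    """Extract the name field from one uncompressed Login Start frame."""
    length, pos = read_varint(frame, 0)
    if length != len(frame) - pos:
        raise ValueError("frame length mismatch")
    packet_id, pos = read_varint(frame, pos)
    if packet_id != 0x00:
        raise ValueError("not a Login Start packet")
    name_len, pos = read_varint(frame, pos)
    if name_len > len(frame) - pos:
        raise ValueError("name runs past end of frame")
    return frame[pos:pos + name_len].decode("utf-8", errors="replace")

def classify(frame):
    """Return 'ok', 'lookup' (Log4j lookup syntax in the name) or 'invalid'."""
    try:
        name = login_name(frame)
    except ValueError:
        return "invalid"
    if LOOKUP.search(name):
        return "lookup"
    return "ok" if VALID_NAME.fullmatch(name) else "invalid"

def build_frame(name):
    """Constructed-sample helper: frame a short (<126 byte) name as Login Start."""
    body = b"\x00" + bytes([len(name)]) + name
    return bytes([len(body)]) + body

# Constructed samples: a normal name and a name in the format the article quotes.
SAMPLES = [build_frame(b"Steve_01"), build_frame(b"${env:" + b"A" * 40 + b":-a}")]
```

Rejecting any login whose name fails the character and length rule before the name reaches a logger also covers lookup forms the regular expression does not anticipate.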


Source: Ars Technica