Security 10816 Published by

Kauro Hayashi of Symantec announced the discovery of a malicious worm, named Linux.Darlloz, infecting Linux powered embedded systems.



From Muktware:
The worm exploits a vulnerability in PHP which was patched more than one and half years back, in May 2012. This worm currently targets the x86 architecture. However, variants for ARM, PPC, MIPS and MIPSEL have been found on the server hosting this worm. As can be inferred, an opportunity presents itself to the worm to propagate and infect a huge number of devices.
  Symantec discovers Linux.Darlloz worm targetting embedded systems