Researchers at Kaspersky Lab have analyzed a malicious Java application that turned out to be a cross-platform bot used for DDoS attacks. The botnet communicates over IRC and can carry out distributed denial of service attacks using either HTTP or UDP flood attacks. Researchers say the malware exploits a patched Java vulnerability, CVE-2013-2465. The vulnerability is found in Java 7 u21 and earlier, as well as on different versions of Java 6 and 5. The bug was patched as part of Oracle s June 2013 Critical Patch Update.
Source: https://threatpost.com/cross-platform-java-bot-used-for-ddos-attacks/103912/