New B1txor20 botnet is actively exploiting Log4j flaws in Linux systems to create a bot army that helps hackers install rootkits and steal sensitive records. The bot sends the stolen information, results of any command execution, or any other information to its C2 server in form of a DNS request. The malware possesses many additional features which are either not enabled or have a buggy code, thus, suggesting that it is under development.