[dba-Tech] Malware Attack Hijacks 25,000 Linux/UNIX Servers

Tina Norris Fields tinanfields at torchlake.com
Fri Mar 21 10:58:02 CDT 2014


Arthur,
Thanks for posting this.  We need to stay alert, no matter what 
operating system we use.  Where does one find the ESET report?
TNF

Tina Norris Fields
tinanfields-at-torchlake-dot-com
231-322-2787

On 3/21/2014 10:09 AM, Arthur Fuller wrote:
> This from slashdot...
>
> "Security researchers from ESET have uncovered a widespread attack campaign
> that has infected more than 25,000 Linux and UNIX servers around the world.
> The servers are being hijacked by a backdoor Trojan as part of a campaign
> the researchers are calling 'Operation Windigo.' Once infected, victimized
> systems are leveraged to steal credentials, redirect web traffic to
> malicious sites and send as many as 35 million spam messages a day.
> 'Windigo has been gathering strength, largely unnoticed by the security
> community, for more than two and a half years and currently has 10,000
> servers under its control,' said Pierre-Marc Bureau, security intelligence
> program manager at ESET, in a statement.
>
> There are many misconceptions around Linux security, and attacks are not
> something only Windows users need to worry about. The main threats facing
> Linux systems aren't zero-day vulnerabilities or malware, but things such
> as Trojanized applications, PHP backdoors, and malicious login attempts
> over SSH. ESET recommends webmasters and system administrators check their
> systems to see if they are compromised, and has published a detailed report
> presenting the findings and instructions on how to remove the malicious
> code if it is present."
>


