25,000 co-opted Linux servers spread spam, drop malware and steal credentials
[quote]Security company ESET has released a new report, Operation Windigo – The vivisection of a large Linux server-side credential stealing malware campaign. This report was a joint research effort by ESET, CERT-Bund, SNIC and CERN. The key phrase in the report title is “server-side.”
Windango? I think we could easily figure out who led the charge and put the fire trucks in the street looking for a burning cigarette butt. Who has the most to gain by trying to tear down Linux? Wind... something, I suppose.
Funny thing is, I bet those roped into playing along were able to name the effort so that we would not have to put forth the effort to follow the money on the data and report gathering.
It is self-refuting and easy to dismiss as a normal case of "bad people do bad things with technology". Windows just makes it easier most of the time.
http://blog.eset.ie/2014/03/18/operatio ... or-trojan/
[quote]“The Ebury backdoor deployed by the Windigo cybercrime operation does not exploit a vulnerability in Linux or OpenSSH,
Manually installed... What, the attackers had physical access to the machines? Sorry, that is a physical security issue first and foremost. I once got a coworker stumped. It seems I was being blamed for leaking a high-level password, one I did not know or even need to know. When questioned, I answered that I do not need to know any passwords to work or get at files. Passwords are like front door locks. No need for a key if you know how to lift the entire house ten feet in the air off its foundations and walk around without walls getting in the way. I had been in IT for 30 years before this non-IT job. How do you expect your support IT person to update and fix issues when someone forgets a password? To drive the point home, I backed into the most secure server known in the business while still facing them, with my back to the keyboard, forced a shutdown and reboot procedure, and walked out of the room as they watched the machine finish its tasks and reboot. Of course, that was a mission-critical machine. I would love to have them try to explain what occurred.