25,000 co-opted Linux servers spread spam, drop malware etc

Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA


#1 Post by Flash »

25,000 co-opted Linux servers spread spam, drop malware and steal credentials
[quote]Security company ESET has released a new report, Operation Windigo – The vivisection of a large Linux server-side credential stealing malware campaign. This report was a joint research effort by ESET, CERT-Bund, SNIC and CERN. The key phrase in the report title is “server-side.

Ted Dog
Posts: 3965
Joined: Wed 14 Sep 2005, 02:35
Location: Heart of Texas

#2 Post by Ted Dog »

Windango? I think we could easily figure out who led the charge and put the fire trucks in the street looking for a burning cigarette butt. :D Who has most to gain by trying to tear down Linux.. Wind.... something I suppose.
Funny thing is I bet those roped into playing along were able to name the effort so that we would not have to put forth the effort to follow the money on the data and report gathering..
It is self-refuting and easy to dismiss as a normal bad people do bad things with technology. Windows just makes it easier most of the time. :twisted:

James C
Posts: 6618
Joined: Thu 26 Mar 2009, 05:12
Location: Kentucky

#3 Post by James C »

http://blog.eset.ie/2014/03/18/operatio ... or-trojan/


[quote]“The Ebury backdoor deployed by the Windigo cybercrime operation does not exploit a vulnerability in Linux or OpenSSH,

Ted Dog
Posts: 3965
Joined: Wed 14 Sep 2005, 02:35
Location: Heart of Texas

#4 Post by Ted Dog »

Manually installed.... What, the attackers had physical access to machines... Sorry that is a physical security issue first and foremost... I once got a co-worker stumped.. seems I was being blamed for leaking a high level password.. One I did not know or even need to know... When questioned I answered I do not need to know any passwords to work or get at files.. Passwords are like front door locks. No need for a key if you can easily know how to lift the entire house ten feet in the air off its foundations and walk around without walls getting in the way.. I have been in IT for 30 years before this non IT job. How do you expect your support IT person to update and fix issues when someone forgets a password? To drive the point home I backed into the most secure server known in the business. While still facing them and my back to keyboard. Forced a shutdown and reboot procedure and walked out of the room as they watched the machine finish its tasks and reboot... Of course that was a mission critical machine I would love to have them try to explain what occurred.. :wink:
