Malware Attack Infected 25,000 Linux/UNIX Servers 220
wiredmikey writes "Security researchers from ESET have uncovered a widespread attack campaign that has infected more than 25,000 Linux and UNIX servers around the world. The servers are being hijacked by a backdoor Trojan as part of a campaign the researchers are calling 'Operation Windigo.' Once infected, victimized systems are leveraged to steal credentials, redirected web traffic to malicious sites and send as many as 35 million spam messages a day. 'Windigo has been gathering strength, largely unnoticed by the security community, for more than two and a half years and currently has 10,000 servers under its control,' said Pierre-Marc Bureau, security intelligence program manager at ESET, in a statement.
There are many misconceptions around Linux security, and attacks are not something only Windows users need to worry about. The main threats facing Linux systems aren't zero-day vulnerabilities or malware, but things such as Trojanized applications, PHP backdoors, and malicious login attempts over SSH. ESET recommends webmasters and system administrators check their systems to see if they are compromised, and has published a detailed report presenting the findings and instructions on how to remove the malicious code if it is present."
There are many misconceptions around Linux security, and attacks are not something only Windows users need to worry about. The main threats facing Linux systems aren't zero-day vulnerabilities or malware, but things such as Trojanized applications, PHP backdoors, and malicious login attempts over SSH. ESET recommends webmasters and system administrators check their systems to see if they are compromised, and has published a detailed report presenting the findings and instructions on how to remove the malicious code if it is present."
next they will say Mac's get viruses (Score:5, Funny)
April fools is here early
...and, btw, we sell anti-virus software for linux (Score:4, Funny)
Re:The state of Linux (Score:5, Funny)
I work as a consultant for several fortune 500 companies, and I think I can shed a little light on the climate of the open source community at the moment. I believe that part of the reason that open source based startups are failing left and right is not an issue of marketing as it's commonly believed but more of an issue of the underlying technology.
I know that that's a strong statement to make, but I have evidence to back it up! At one of the major corps(5000+ employees) that I consult for, we wanted to integrate Linux into our server pool. The allure of not having to pay any restrictive licensing fees was too great to ignore. I reccomended the installation of several boxes running the new 2.4.9 kernel, and my hopes were high that it would perform up to snuff with the Windows 2k boxes which were(and still are!) doing an AMAZING job at their respective tasks of serving HTTP requests, DNS, and fileserving.
I consider myself to be very technically inclined having programmed in VB for the last 8 years doing kernel level programming. I don't believe in C programming because contrary to popular belief, VB can go just as low level as C and the newest VB compiler generates code that's every bit as fast. I took it upon myself to configure the system from scratch and even used an optimised version of gcc 3.1 to increase the execution speed of the binaries. I integrated the 3 machines I had configured into the server pool, and I'd have to say the results were less than impressive... We all know that linux isn't even close to being ready for the desktop, but I had heard that it was supposed to perform decently as a "server" based operating system. The 3 machines all went into swap immediately, and it was obvious that they weren't going to be able to handle the load in this "enterprise" environment. After running for less than 24 hours, 2 of them had experienced kernel panics caused by Bind and Apache crashing! Granted, Apache is a volunteer based project written by weekend hackers in their spare time while Microsft's IIS has an actual professional full fledged development team devoted to it. Not to mention the fact that the Linux kernel itself lacks any support for any type of journaled filesystem, memory protection, SMP support, etc, but I thought that since Linux is based on such "old" technology that it would run with some level of stability. After several days of this type of behaviour, we decided to reinstall windows 2k on the boxes to make sure it wasn't a hardware problem that was causing things to go wrong. The machines instantly shaped up and were seamlessly reintegrated into the server pool with just one Win2K machine doing more work than all 3 of the Linux boxes.
Needless to say, I won't be reccomending Linux/FSF to anymore of my clients. I'm dissappointed that they won't be able to leverege the free cost of Linux to their advantage, but in this case I suppose the old adage stands true that, "you get what you pay for." I would have also liked to have access to the source code of the applications that we're running on our mission critical systems; however, from the looks of it, the Microsoft "shared source" program seems to offer all of the same freedoms as the GPL.
As things stand now, I can understand using Linux in academia to compile simple "Hello World" style programs and learn C programming, but I'm afraid that for anything more than a hobby OS, Windows 98/NT/2K are your only choices.
thank you.
Re:The state of Linux (Score:4, Funny)
Thank you for that delightful trip back to the year 2000. Tell me, did you warn them?