- ESET Research has released its deep-dive investigation into one of the most advanced server-side malware campaigns, which is still growing: the Ebury group, its malware, and its botnet.
- Over the years, Ebury has been deployed as a backdoor to compromise almost 400,000 Linux, FreeBSD, and OpenBSD servers; more than 100,000 were still compromised as of late 2023.
- Ebury actors have continued to pursue monetization activities since our 2014 publication on Operation Windigo, including the spread of spam, web traffic redirections, and credential stealing.
- Additionally, ESET has confirmed that operators are also involved in cryptocurrency heists.
- In many cases, Ebury operators were able to gain full access to large servers of ISPs and well-known hosting providers.
BRATISLAVA, Slovakia,