Tag Archives: 400k

Ebury botnet alive & growing; 400k Linux servers compromised for cryptocurrency theft and financial gain

  • ESET Research has released its deep-dive investigation into one of the most advanced server-side malware campaigns, which is still growing – Ebury group with their malware and botnet.
  • Over the years, Ebury has been deployed as a backdoor to compromise almost 400,000 Linux, FreeBSD, and OpenBSD servers; more than 100,000 were still compromised as of late 2023.
  • Ebury actors have been pursuing monetization activities subsequent to our 2014 publication on Operation Windigo, including the spread of spam, web traffic redirections, and credential stealing.
  • Additionally, ESET has confirmed that operators are also involved in cryptocurrency heists.
  • In many cases, Ebury operators were able to gain full access to large servers of ISPs and well-known hosting providers.

BRATISLAVA, Slovakia,


Source link