Tag Archives: Botnet

400,000 Linux servers were part of the Ebury botnet

B2B Cyber Security ShortNews

IT security vendor ESET has published a new research report that reveals the malicious activities of the hacker group “Ebury”. Its malware infected more than 400,000 Linux, FreeBSD and OpenBSD servers over the past 15 years.

In the past 18 months alone, 100,000 new victims have been added. In many cases, the Ebury operators were able to gain full access to large servers of Internet providers and well-known hosting providers. The activities of the Ebury group and its botnet over the years have included spreading spam, redirecting web traffic and stealing login credentials. In recent years, the hackers have also moved into credit card and cryptocurrency theft.

Ebury is versatile

Since at least 2009, Ebury has served as an OpenSSH backdoor and credential stealer….



“World largest botnet ever” shut down — US government seizes 911 S5 operation and takes it offline

The US government and the government of Singapore have dismantled what has been called “likely the world’s largest botnet ever” and arrested its administrator.

The 911 S5 botnet granted cybercriminals the means to keep their identities hidden while running different schemes.



Ebury Botnet Operators Diversify with Financial and Crypto Theft

Ebury, one of the most advanced server-side malware campaigns, has been active for 15 years but its use by threat actors is still growing, according to cybersecurity firm ESET.

A new report published on May 14 by ESET Research showed that operators of the Ebury malware and botnet were more active than ever in 2023.

Over the years, Ebury has been deployed as a backdoor to compromise almost 400,000 Linux, FreeBSD and OpenBSD servers. More than 100,000 were still compromised as of late 2023.

Long known to deploy spam, web traffic redirections and credential stealing, the Ebury group recently added credit card compromise and cryptocurrency theft to its tactics, techniques and procedures (TTPs).

What is the Ebury Botnet?

Ebury is a malicious group that has been active since…




Ebury botnet alive & growing; 400k Linux servers compromised for cryptocurrency theft and financial gain

  • ESET Research has released its deep-dive investigation into one of the most advanced server-side malware campaigns, which is still growing: the Ebury group with its malware and botnet.
  • Over the years, Ebury has been deployed as a backdoor to compromise almost 400,000 Linux, FreeBSD, and OpenBSD servers; more than 100,000 were still compromised as of late 2023.
  • Ebury actors have been pursuing monetization activities subsequent to our 2014 publication on Operation Windigo, including the spread of spam, web traffic redirections, and credential stealing.
  • Additionally, ESET has confirmed that operators are also involved in cryptocurrency heists.
  • In many cases, Ebury operators were able to gain full access to large servers of ISPs and well-known hosting providers.

BRATISLAVA, Slovakia,

