Tag Archives: Compromised

Ebury botnet alive & growing; 400k Linux servers compromised for cryptocurrency theft and financial gain

  • ESET Research has released its deep-dive investigation into one of the most advanced server-side malware campaigns, which is still growing: the Ebury group, with its malware and botnet.
  • Over the years, Ebury has been deployed as a backdoor to compromise almost 400,000 Linux, FreeBSD, and OpenBSD servers; more than 100,000 were still compromised as of late 2023.
  • Ebury actors have been pursuing monetization activities subsequent to our 2014 publication on Operation Windigo, including the spread of spam, web traffic redirections, and credential stealing.
  • Additionally, ESET has confirmed that operators are also involved in cryptocurrency heists.
  • In many cases, Ebury operators were able to gain full access to large servers of ISPs and well-known hosting providers.



Raft of Australian companies compromised in hosting service hack


The Black Basta ransomware gang has posted details of a hack affecting nearly a dozen Australian organisations.

A ransomware gang has posted dozens of Australian passports and driver’s licenses to the dark web after apparently compromising a cloud-based hosting service.

The Black Basta gang has not disclosed who the hosting service is, however, referring to the victim only as “hvd.host”.

What the gang has shared, however, is a list of mostly Australian businesses whose data the gang is threatening to publish if a ransom isn’t paid by March 9. Thirteen companies are listed by the gang.

Black Basta listed the companies by their websites as…
