400k Linux Servers Hacked to Mine Cryptocurrency

A new report from cybersecurity researchers at ESET has uncovered a massive botnet comprised of over 400,000 compromised Linux servers being used for cryptocurrency theft and other illicit financial gain.

The botnet, operated by the threat group behind the Ebury malware, has been active since at least 2009 but has evolved significantly over the past decade.

Ebury’s Insidious Spread

The Ebury gang employs a variety of techniques to propagate the malware and expand their botnet:

Different methods used by the Ebury gang to compromise new servers
Different methods used by the Ebury gang to compromise new servers
  • Compromised Hosting Providers: Leveraging access to hosting companies’ infrastructure to install Ebury on all hosted servers
  • ARP Spoofing Attacks: Intercepting and redirecting SSH traffic inside data centers to capture credentials
  • Over 200 Bitcoin/Ethereum Nodes Targeted: Automatically stealing crypto wallets when victims log in

Free Webinar on Live API Attack Simulation: Book Your...

Read more

Related Content

Tether to Invest in Quantoz for MiCAR-Compliant Stablecoin Launch

by Krupali November 19, 2024

CarTrade Shares Hit Fresh 52-Week High At INR 1,336.40

by Krupali November 19, 2024

Phobos Ransomware Admin Extradited As Part Of International Hacking Operation

by Krupali November 19, 2024

PS5 Pro Owners Say Some Games Look Worse After Upgrades

by Krupali November 19, 2024

This is the soundbar I recommend if you have limited space at home (and it's $100 off)

by Krupali November 19, 2024

Alternative MBA Startup Stoa Shuts Operations

by Krupali November 12, 2024
Exit mobile version