400k Linux Servers Hacked to Mine Cryptocurrency

A new report from cybersecurity researchers at ESET has uncovered a massive botnet comprised of over 400,000 compromised Linux servers being used for cryptocurrency theft and other illicit financial gain.

The botnet, operated by the threat group behind the Ebury malware, has been active since at least 2009 but has evolved significantly over the past decade.

Ebury’s Insidious Spread

The Ebury gang employs a variety of techniques to propagate the malware and expand their botnet:

Different methods used by the Ebury gang to compromise new servers
Different methods used by the Ebury gang to compromise new servers
  • Compromised Hosting Providers: Leveraging access to hosting companies’ infrastructure to install Ebury on all hosted servers
  • ARP Spoofing Attacks: Intercepting and redirecting SSH traffic inside data centers to capture credentials
  • Over 200 Bitcoin/Ethereum Nodes Targeted: Automatically stealing crypto wallets when victims log in

Free Webinar on Live API Attack Simulation: Book Your...

Read more

Related Content

CaratLane’s Q2 Total Income Jumps 28% YoY to INR 829 Cr

by Krupali November 5, 2024

Crypto's Big Trump Gamble Is Risky

by Krupali November 5, 2024

New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers

by Krupali November 5, 2024

Early PlayStation 5 Pro shipments reveal some big upgrades over the original but that AMD GPU isn't quite what I was expecting

by Krupali November 5, 2024

X now lets blocked users see your posts

by Krupali November 5, 2024

Bitcoin (BTC) Faces Volatility Amid U.S. Election and Economic Factors

by Krupali October 29, 2024
Exit mobile version