Ebury Botnet Plague: Over 400K Linux Servers Compromised Since 2009
May 15, 2024
The Ebury malware botnet has been active since 2009, affecting over 400,000 Linux servers.
Approximately 100,000 of these servers remain infected by the Ebury malware.
Ebury primarily targets ISPs, hosting providers, and servers across different operating systems.
Operators gain server access through stolen credentials, adversary-in-the-middle (AitM) attacks, and zero-day exploits.
The malware has not only affected users but also compromised the infrastructures of other cyber threat groups.
Despite being operational for years, the Ebury malware continues to receive updates, making it a sustained threat to Linux security.
Summary based on 6 sources
Sources
TechRadar pro • May 15, 2024
Thousands of Linux servers infected by Ebury malware
The Hacker News • May 15, 2024
Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years
SecurityWeek • May 15, 2024
400,000 Linux Servers Hit by Ebury Botnet
Security Boulevard • May 15, 2024
15-Year-Old Ebury Botnet Compromised 400,000 Linux Servers