Ebury Botnet Plague: Over 400K Linux Servers Compromised Since 2009

May 16, 2024
Ebury Botnet Plague: Over 400K Linux Servers Compromised Since 2009
Tech
Tech
Cybersecurity
Cybersecurity

  • The Ebury malware botnet has been active since 2009, affecting over 400,000 Linux servers.

  • Approximately 100,000 of these servers remain infected by the Ebury malware.

  • Ebury primarily targets ISPs, hosting providers, and servers across different operating systems.

  • Operators gain server access through stolen credentials, Man-in-the-Middle (AitM) attacks, and leveraging zero-day exploits.

  • The malware has not only affected users but also compromised the infrastructures of other cyber threat groups.

  • Despite being operational for years, the Ebury malware continues to receive updates, making it a sustained threat to Linux security.

Summary based on 6 sources

Get a daily email with more Tech stories

Sources

Thousands of Linux servers infected by Ebury malware

TechRadar pro • May 15, 2024

Thousands of Linux servers infected by Ebury malware
Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years

The Hacker News • May 15, 2024

Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years
400,000 Linux Servers Hit by Ebury Botnet

SecurityWeek • May 15, 2024

400,000 Linux Servers Hit by Ebury Botnet
15-Year-Old Ebury Botnet Compromised 400,000 Linux Servers

Security Boulevard • May 15, 2024

15-Year-Old Ebury Botnet Compromised 400,000 Linux Servers

More Stories