Ebury Botnet Plague: Over 400K Linux Servers Compromised Since 2009

May 16, 2024
Ebury Botnet Plague: Over 400K Linux Servers Compromised Since 2009
  • The Ebury malware botnet has been active since 2009, affecting over 400,000 Linux servers.

  • Approximately 100,000 of these servers remain infected by the Ebury malware.

  • Ebury primarily targets ISPs, hosting providers, and servers across different operating systems.

  • Operators gain server access through stolen credentials, Man-in-the-Middle (AitM) attacks, and leveraging zero-day exploits.

  • The malware has not only affected users but also compromised the infrastructures of other cyber threat groups.

  • Despite being operational for years, the Ebury malware continues to receive updates, making it a sustained threat to Linux security.

Summary based on 6 sources


Get a daily email with more Tech stories

Sources

Thousands of Linux servers infected by Ebury malware


400,000 Linux Servers Hit by Ebury Botnet

SecurityWeek • May 15, 2024

400,000 Linux Servers Hit by Ebury Botnet

15-Year-Old Ebury Botnet Compromised 400,000 Linux Servers

Related Stories