Over 25000 Unix servers hijacked, 500000+ PC’s attacked every day by Cyber Criminals

Researchers have warned the companies and website admins operating or running on Unix and Linux servers of a recent operation targeted to hijack servers and use it to spread spam message and Malwares.

A joint report from researchers at ESET,  CERT-Bund, the European Organization for Nuclear Research (CERN), the Swedish National Infrastructure for Computing and other agencies have uncovered the sophisticated Operation Windigo which aims at hijacking thousands of Unix servers for a widespread Cyber Criminal operations.

Over 25000 Unix servers hijacked, 500000+ PC's attacked every day by Cyber Criminals under Operation Windigo.

The attack which has resulted in more than 25,000 Unix servers being hacked as on date, is used to send and display 5 million spam messages from the compromised machines.  This hack puts nearly half million computers at risk on daily basis.

Victims who have Windows PC’s get infected with click fraud malware and spam-sending malware similarly victims having Mac bases computers display mostly dating adverts. If you think your smartphone is safe from the attack you may end up being redirected to X-rated content.  Once the victim visits these sites, they are further made to download poisoned web content with Malwares, Adverts and Malicious exploit kits.

The Operation Windigo uses sophisticated malware components including Linux/Ebury (an OpenSSH backdoor and credential stealer), Linux/Cdorked, Perl/Calfbot, Linux/Onimiki, Win32/Glubteba.M, and Win32/Boaxxe.G as per the ESET researcher team.

In view of this serious threat, the researchers have appealed to all the UNIX system Administrators and webmasters to run the following command to see if their system is compromised or not.

$ ssh -G 2>&1 | grep -e illegal -e unknown > /dev/null && echo “System clean” || echo “System infected”

Should your system fallen prey to Operation Windigo, you should re-install the operating system and change all the passwords and private OpenSSH keys. 

Readers are advised to keep their Antivirus and Adsblocker Software updated to stay safe from any such harmful operations.  

Abhishek Kumar Jha
Abhishek Kumar Jha
Knowledge is Power

Read More

Suggested Post