
Linux botnet - 150Gbps DDoS capability


Mpegger

Member
Joined
Nov 28, 2001
http://www.engadget.com/2015/09/29/linux-botnet-hits-with-150-gbps-ddos/
Akamai announced on Tuesday that its Security Intelligence Response Team has discovered a massive Linux-based botnet that's reportedly capable of downing websites under a torrent of DDoS traffic exceeding 150 Gbps. The botnet spreads via a Trojan variant dubbed XOR DDoS. This malware infects Linux systems via embedded devices like network routers then brute forces SSH access. Once the malware has Secure Shell credentials, it secretly downloads and installs the necessary botnet software, then connects the newly-infected computer to the rest of the hive.

Link to original report: https://www.stateoftheinternet.com/...lware-removal-ddos-mitigation-yara-snort.html

I find it kinda weird that it was targeting mainly gambling and education sites in Asia. Gotta wonder who was in control of it, though my bet is some kind of government that was trying to censor their people's view of the internet.
 
Yeah it seems the end goal is DDoS attacks of sites they don't like, not individual identity theft. More state sponsored hacking :borg:
 
This is very interesting, I thought Linux was more secure than Windows. These days we are always at risk regardless of the platform/OS we are using...
 
This is very interesting, I thought Linux was more secure than Windows. These days we are always at risk regardless of the platform/OS we are using...

It is :)
I like to think of Windows as Swiss cheese.

Just have to browse safely and keep the AV up to date
 