Are you a spammer

Please note, that the first 3 posts you make, will need to be approved by a forum Administrator or Moderator before they are publicly viewable.
Each application to join this forum is checked at the Stop Forum Spam website. If the email or IP address appears there when checked, you will not be allowed to join this forum.
If you get past this check and post spam on this forum, your posts will be immediately deleted and your account inactivated.You will then be banned and your IP will be submitted to your ISP, notifying them of your spamming. So your spam links will only be seen for an hour or two at most. In other words, don't waste your time and ours.

This forum is for the use and enjoyment of the members and visitors looking to learn about and share information regarding the topics listed. It is not a free-for-all advertising venue. Your time would be better spent pursuing legitimate avenues of promoting your websites.

“Operation Windigo” Attack Infects 10,000 Unix Servers!!

News & Events etc. will be posted here.


“Operation Windigo” Attack Infects 10,000 Unix Servers!!

Postby Gilgamesh777 » Wed Mar 19, 2014 10:26 am

The Linux servers occupy the largest share of this market, which means that they are the most prone to attacks from hackers and other malevolent cyber-criminals. ESET researchers and a few other agencies have shown that Unix servers have been used to spread malware and send spam emails. complete story here http://news.softpedia.com/news/quot-Operation-Windigo-quot-Attack-Infects-10-000-Unix-Servers-Millions-of-PCs-at-Risk-432920.shtml

more details are here http://blog.eset.ie/2014/03/18/operation-windigo-malware-used-to-attack-over-500000-computers-daily-after-25000-unix-servers-hijacked-by-backdoor-trojan/

and here http://thehackernews.com/2014/03/operation-windigo-linux-malware.html

Image
Always forgive your enemies; nothing annoys them so much.”
User avatar
Gilgamesh777
U.E. Graduate
U.E. Graduate
 
Posts: 92
Joined: Wed Nov 13, 2013 11:03 am
Operating System: Ultimate Edition 3.1 64 BIT



Re: “Operation Windigo” Attack Infects 10,000 Unix Servers!!

Postby Xanayoshi » Wed Mar 19, 2014 4:48 pm

"How to Check, if you have been compromised? If you use only 'ssh -G' command, a clean server will print: 'ssh: illegal option -- G', but an infected server will only print the usage.

Administrators can use the following UNIX/Linux command to check:

$ ssh -G 2>&1 | grep -e illegal -e unknown > /dev/null && echo "System clean" || echo "System infected"

If your system or server was also compromised in the same campaign, it's recommended to re-install the system or re-set all passwords and private OpenSSH keys."

systemcheck.png
Image

And now, the completely true facts, as told by an anonymous man hiding behind a screen name:

Packard Bell Pack Mate II 286 Intel 80286 1MB RAM
ImageImageImage
User avatar
Xanayoshi
Moderator
 
Posts: 1564
Joined: Thu Oct 18, 2012 1:46 pm
Location: Kitsap County
Age: 39
Operating System: Ultimate Edition 3.4 32 BIT


Return to News and Events

Who is online

Users browsing this forum: No registered users and 2 guests

cron