“Operation Windigo” Attack Infects 10,000 Unix Servers!!

News & Events etc. will be posted here.

“Operation Windigo” Attack Infects 10,000 Unix Servers!!

Postby Gilgamesh777 » Wed Mar 19, 2014 10:26 am

The Linux servers occupy the largest share of this market, which means that they are the most prone to attacks from hackers and other malevolent cyber-criminals. ESET researchers and a few other agencies have shown that Unix servers have been used to spread malware and send spam emails. complete story here http://news.softpedia.com/news/quot-Operation-Windigo-quot-Attack-Infects-10-000-Unix-Servers-Millions-of-PCs-at-Risk-432920.shtml

more details are here http://blog.eset.ie/2014/03/18/operation-windigo-malware-used-to-attack-over-500000-computers-daily-after-25000-unix-servers-hijacked-by-backdoor-trojan/

and here http://thehackernews.com/2014/03/operation-windigo-linux-malware.html

Always forgive your enemies; nothing annoys them so much.”
User avatar
U.E. Graduate
U.E. Graduate
Posts: 92
Joined: Wed Nov 13, 2013 11:03 am
Operating System: Ultimate Edition 3.1 64 BIT

Re: “Operation Windigo” Attack Infects 10,000 Unix Servers!!

Postby Xanayoshi » Wed Mar 19, 2014 4:48 pm

"How to Check, if you have been compromised? If you use only 'ssh -G' command, a clean server will print: 'ssh: illegal option -- G', but an infected server will only print the usage.

Administrators can use the following UNIX/Linux command to check:

$ ssh -G 2>&1 | grep -e illegal -e unknown > /dev/null && echo "System clean" || echo "System infected"

If your system or server was also compromised in the same campaign, it's recommended to re-install the system or re-set all passwords and private OpenSSH keys."


And now, the completely true facts, as told by an anonymous man hiding behind a screen name:

Packard Bell Pack Mate II 286 Intel 80286 1MB RAM
User avatar
Posts: 1564
Joined: Thu Oct 18, 2012 1:46 pm
Location: Kitsap County
Age: 40
Operating System: Ultimate Edition 3.4 32 BIT

Return to News and Events

Who is online

Users browsing this forum: No registered users and 1 guest