"400,000 Linux Servers Hit by Ebury Botnet"

According to ESET, the Ebury Linux botnet has continued to grow over the past decade, with about 100,000 systems found to be infected at the end of 2023. Ebury, a botnet discovered in 2014, survived a takedown attempt and Maxim Senakh's sentencing for his involvement in the botnet's operation. Ebury is an OpenSSH backdoor and credential stealer that has continually been updated. It has infected over 400,000 hosts since 2009 for financial gain. ESET says the botnet's operators are active, using zero-days in administrator software, targeting other threat actors' infrastructure to steal victim data, and redirecting web traffic with new malware. This article continues to discuss findings regarding the expansion of the Ebury Linux botnet.

SecurityWeek reports "400,000 Linux Servers Hit by Ebury Botnet"

Submitted by grigby1

Submitted by Gregory Rigby on