A botnet made up of Linux computers is generating distributed denial-of-service (DDoS) attacks of over 150 Gbps, which are seriously threatening some companies, since they are much more powerful than infrastructures can usually support.
This botnet is targeting around 20 sites each day, 90% of them located in Asia. The most common targets are online gaming and educational sites.
The malware feeding the botnet is called XOR DDoS and was first identified in September 2014. Now, the security response team from Akamai Technologies has discovered a new wave of attacks.
The cybercriminals installed the malware on Linux devices of all types, including Wi-Fi routers and network storage devices, taking advantage of weak passwords used to protect the command shell on those devices. Once the attackers gain access to the system, they run a script that downloads and executes the malware, and they hide it using rootkit techniques.
One decade ago, such attacks were unthinkable, but as the number of Linux users grows, "cybercriminals see more opportunities infecting it, that's why we should make an effort to secure and strengthen Linux-based systems", says Akamai Technologies.