Short Bytes: As more and more Linux systems are going online, the threat to the once-secure Linux systems is increasing. In a similar development, a new Trojan variant dubbed XOR DDoS is launching heavy DDoS traffic on Linux machines.
This Linux botnet spreads via a new Trojan variant dubbed XOR DDoS. The malware was first detected in the September last year. This heavy DDoS traffic is many times a company infrastructure can withstand.
The malware affects the Linux-powered machines using devices like network routers and network-connected storage devices. XOR DDoS does this by guessing SSH login credentials via deploying a brute force attack. After gaining the password, it installs the botnet software and connects the system to its rest of the family to launch the DDoS attack.
On Tuesday, Akamai Technologies announced that its security response team has uncovered recent XOR DDoS attacks that vary from few gigabits per second to 150 Gbps.
The firm writes that the gaming sector has been its primary target, followed by the educational institutions. In the recent past, this Linux botnet has attacked up to 20 targets per day and 90% of them were in Asia.
The botnet can drive the massive DDoS traffic anywhere. Akamai says that just a decade ago, Linux was seen as the most secure Windows alternative and the companies adopted the open source OS in large numbers. However, as the number of systems running on Linux have grown, the risks have also increased.
This attack shows the risks have developed due to the poorly configured Linux-based systems and unmaintained routers.
To know more about the attack and access the full cybersecurity threat advisory from Akamai, visit this link.
Have something to add? Tell us in the comments below.
Also read: How DDoS Attack Works?