Operation Windigo', infected more than 500,000 computers and 25,000 dedicated servers.
"According to our analysis, over 25,000 servers have been affected over the last two years. More than 10,000 of them are still infected today." ESET reported, "using the Linux/Ebury OpenSSH backdoor"
The Group behind the attacks may have been active since December 2012, using a modified version of OpenSSH, an open source alternative to proprietary Secure Shell Software (SSH) to infect thousands of servers and desktop computers, apparently, stole user credentials on system and SSH private keys for outgoing SSH connections.
http://thehackernews.com/2014/03/operation-windigo-linux-malware.html Хтось може пояснити, як цей троя потрапляв на комп’ютер?
Він що імітував оновлення?
