Symantec Security Response Blog:
Security researchers have released a paper (pdf) documenting a large and complex operation, code-named "Operation Windigo". Since the campaign began in 2011, more than 25,000 Linux and Unix servers were compromised to steal Secure Shell (SSH) credentials, to redirect Web visitors to malicious content, and to send spam. Well-known organizations such as cPanel and the Linux Foundation were confirmed victims. Targeted operating systems include OS X, OpenBSD, FreeBSD, Microsoft Windows, and various Linux distributions. The paper claims Windigo is responsible for sending an average of 35 million spam messages on a daily basis. This spam activity is in addition to more than 700 Web servers currently redirecting approximately 500,000 visitors per day to malicious content.
The paper lists three main malicious components (ESET detection names):
Continued: http://www.symantec.com/connect/blogs/25000-linux-and-unix-servers-compromised-operation-windigo
10,000 Linux servers hit by malware serving tsunami of spam and exploits
25,000 UNIX servers hijacked by backdoor Trojan
Windigo Linux Analysis - Ebury and Cdorked