Linux Botnet Discovered

Author: Dennis Fisher

September 14, 2009 3:11 pm

From The H Security
A network of hijacked Linux servers is apparently being used to distribute malicious software to Windows PCs. According to an analysis by web developer Denis Sinegubko, the comprised systems all have one thing in common: the light weight web server nginx is running and serving content through port 8080. Otherwise, these systems are inconspicuous and appear to operate quite normally. This new tactic was discovered when links to malware posted in China were replaced by dynamic DNS names from DynDNS.com and No-IP.com. Read the full story [The H Security].

From The H Security

A network of hijacked Linux servers is apparently being used to distribute malicious software to Windows PCs. According to an analysis by web developer Denis Sinegubko, the comprised systems all have one thing in common: the light weight web server nginx is running and serving content through port 8080. Otherwise, these systems are inconspicuous and appear to operate quite normally. This new tactic was discovered when links to malware posted in China were replaced by dynamic DNS names from DynDNS.com and No-IP.com. Read the full story [The H Security].