DDoS attacks from Linux systems increased by 254%, says Microsoft

Deepak Gupta May 21, 2022
Updated 2022/05/21 at 8:12 AM

According to a recent Microsoft publication, DDoS attacks from Linux operating systems have increased by a significant 254%.

This conclusion comes after several months of analysis and observation of the activity of a Linux trojan named XorDdos.

DDoS attacks on Linux increase with XorDdos trojan

This week, Microsoft shared on its official blog that in the last six months it has seen a 254% increase in activity from a Linux trojan called XorDdos. According to the Redmond giant, this trojan was first discovered in 2014 by the MalwareMustDie research team and was given the name XorDdos due to its activities on Linux terminals and servers, as well as its use of XOR-based cryptography for communication with the control servers.

Microsoft indicates that malware increasingly targets Linux-based operating systems, which are often deployed on cloud systems and Internet of Things (IoT) equipment. By compromising these IoT devices, and others connected to the Internet, the XorDdos trojan builds botnets that can then be used for DDoS attacks.

Typical DDoS attacks from Linux XorDdos trojan

XorDdos is also known to use Secure Shell (SSH) brute force attacks to gain remote control of target devices.

The Windows company also says that the malware uses different techniques to stay hidden from security systems, which allows it to remain on machines for a long period of time without being detected while waiting for the order to start attacks on its targets.

According to Microsoft, it was also discovered that the first devices infected with this Linux trojan were later infected with additional malware, such as the Tsunami backdoor, which deploys the XMRig cryptocurrency miner.

You can see the complete information revealed by the company here.
