Ebury Malware Resurfaces, Compromising 100,000 Servers in 2023

Ebury, a 15-year-old malware, is back with a vengeance. Over 100,000 servers are still compromised, highlighting the urgent need for enhanced cybersecurity measures.

Ebury, a long-standing server-side cyber security threat, has resurfaced with alarming activity in late 2023. With over 100,000 servers still compromised, this 15-year-old malware continues to pose a significant risk to global computer security.

Ebury's history dates back to 2009, and nearly 400,000 Linux, FreeBSD, and OpenBSD servers have been compromised over the years. The malware targets hosting providers worldwide, with no geographical boundaries. In 2023 alone, Ebury's activity surged, setting a record in August for the number of compromised servers.

The countries most affected by cryptocurrency thefts from February 2022 to May 2023 were Germany, the United Kingdom, and the United States. Ebury's tactics include spam, web traffic redirection, credential stealing, credit card compromise, and cryptocurrency theft. Its latest targets are Bitcoin and Ethereum nodes. ESET reports that Ebury's use by threat actors is still growing, with the malware family updated with new obfuscation techniques and a new domain generation algorithm.

As of late 2023, more than 100,000 servers remain compromised by Ebury, highlighting the urgent need for enhanced malware protection measures. With its evolving techniques and growing use by threat actors, Ebury continues to pose a significant threat to global cyber security.
