Ebury A Potent Linux Botnet Infects Over 400K Servers

A large malware campaign targeting Linux servers, called Ebury, has been active since 2009. Over 400,000 servers have been compromised historically, with over 100,000 still infected at the end of 2023. This financially motivated malware allows attackers to steal cryptocurrency and credit card information. Ebury is a versatile threat, capable of stealing credentials, spreading spam, redirecting web traffic, and even granting complete control of compromised servers.