Ebury A Potent Linux Botnet Infects Over 400K Servers

Threat Level – Red | Vulnerability Report
Download PDF


A large malware campaign targeting Linux servers, called Ebury, has been active since 2009. Over 400,000 servers have been compromised historically, with over 100,000 still infected at the end of 2023. This financially motivated malware allows attackers to steal cryptocurrency and credit card information. Ebury is a versatile threat, capable of stealing credentials, spreading spam, redirecting web traffic, and even granting complete control of compromised servers.

Threat Level – Red | Attack Report

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox