Operation Windigo (malware)
A collection of malware developed to create a sophisticated network of botnets that can distribute spam, redirect Web traffic and infect users' computers with malware, all while keeping the location of the cyber criminals perpetrating the attacks a secret.
Operation Windigo is believed to have been growing behind the scenes for the past three years. It gained public attention in March 2014, when software security firm ESET revealed it was responsible for compromising more than 25,000 Linux servers. At one point during this time the Windigo network was sending 35 million daily spam messages and redirecting more than 500,000 web visitors to exploits kits each day, according to ESET.
Operation Windigo primarily relies on two Linux backdoors, Linux/Ebury and Linux/Cdorked, to steal login credentials, compromise Web servers and redirect traffic. Notable victims of Operation Windigo have included cPanel, a popular web hosting control panel platform, and kernel.org.
How to Identify and Clean a System Compromised by Windigo
ESET researchers dubbed the network Windigo after a mythical cannibalistic creature of Algonquian Native American folklore. The security firm recommends administrators and webmasters run the following command to identify if their server has been compromised by Operation Windigo:
$ ssh -G 2>&1 | grep -e illegal -e unknown > /dev/null && echo “System clean” || echo “System infected”
Servers infected by Operation Windigo should be wiped completely clean and have their operating system and applications reinstalled. Unique passwords and private keys need to be created for future access to a previously infected system in order to help prevent the server from being compromised again.
- Watch Datamation's editor James Maguire moderate roundtable discussions with tech experts from companies such as Accenture, Dell, Blue Jeans Network, Microsoft and more »
Tape clearly is on the decline. But remember, legacy systems can hang for a shockingly long time. Read More »Apple Pay Promises to Strengthen Payment Security
Experts believe that Apple Pay and other competitive payment systems will be far more secure than cards, even cards equipped with EMV chips. Read More »Internet of Things Shaping IT's Future
To make the IoT both work and pay off, IT is juggling upgrading and building app-centric networks, mapping out new data center architectures and... Read More »
This Webopedia study guide describes the different parts of a computer system and their relations. Read More »Webopedia Polls
The trend for the past two years has been for shoppers to spend more online during the holiday season. How do you typically shop for holiday... Read More »How to Create a Desktop Shortcut to a Website
This Webopedia guide will show you how to create a desktop shortcut to a website using Firefox, Chrome or Internet Explorer (IE). Read More »