Linux/Ebury

A strain of malware that allows unauthorized access and control of an affected system. Linux/Ebury is a backdoor Trojan and credential stealer that disguises itself as a variant of OpenSSH for Linux and Unix-style operating systems.

In March 2014, software security firm ESET discovered a connection between Linux/Ebury and other malware components such as Linux/Cdorked, Win32/Glupteba.M and Perl/Calfbot. ESET uncovered the fact that all four malware strains are operated by the same group, and subsequently dubbed the malicious collection of components as Operation Windigo.

How to Identify and Clean a System Compromised by Ebury

Linux/Ebury is distributed as a modified version of OpenSSH, which is an open source alternative to Secure Shell Software (SSH). Administrators can determine if a system has been compromised by Linux/Ebury by running the following command:

ssh g

An error about a missing argument returned by the command signifies that the system in question has been compromised by Ebury.

Systems infected by Linux/Ebury should be wiped completely clean and rebuilt from scratch. And because Ebury steals login credentials through its trojanized SSH binary, unique passwords and private keys need to be created for future access to the previously infected system in order to help prevent the server from being compromised by Ebury again.

Forrest Stroud
Forrest Stroud
Forrest is an experienced, entrepreneurial and well-rounded professional with 15+ years covering technology, business software, website design, programming and more.

Top Articles

Huge List Of Texting and Online Chat Abbreviations

From A3 to ZZZ we list 1,559 text message and online chat abbreviations to help you translate and understand today's texting lingo. Includes Top...

How To Create A Desktop Shortcut To A Website

This Webopedia guide will show you how to create a desktop shortcut to a website using Firefox, Chrome or Internet Explorer (IE). Creating a desktop...

The History Of Windows Operating Systems

Microsoft Windows is a family of operating systems. We look at the history of Microsoft's Windows operating systems (Windows OS) from 1985 to present...

Hotmail [Outlook] Email Accounts

  By Vangie Beal Hotmail is one of the first public webmail services that can be accessed from any web browser. Prior to Hotmail and its...

Legacy Code Definition &...

Legacy code refers to source code that has been inherited from a previous...

Unregulated Power Supply Definition...

An unregulated power supply is a system that transforms input voltage into direct...

Cybersecurity Awareness Training Definition...

Cybersecurity awareness training informs employees of the attack surfaces and vectors in their...