Operation Windigo (Malware)

A collection of malware developed to create a sophisticated network of botnets that can distribute spam, redirect Web traffic and infect users’ computers with malware, all while keeping the location of the cyber criminals perpetrating the attacks a secret.

Operation Windigo is believed to have been growing behind the scenes for the past three years. It gained public attention in March 2014, when software security firm ESET revealed it was responsible for compromising more than 25,000 Linux servers. At one point during this time the Windigo network was sending 35 million daily spam messages and redirecting more than 500,000 web visitors to exploits kits each day, according to ESET.

Operation Windigo primarily relies on two Linux backdoors, Linux/Ebury and Linux/Cdorked, to steal login credentials, compromise Web servers and redirect traffic. Notable victims of Operation Windigo have included cPanel, a popular web hosting control panel platform, and kernel.org.

How to Identify and Clean a System Compromised by Windigo

ESET researchers dubbed the network Windigo after a mythical cannibalistic creature of Algonquian Native American folklore. The security firm recommends administrators and webmasters run the following command to identify if their server has been compromised by Operation Windigo:

$ ssh -G 2>&1 | grep -e illegal -e unknown > /dev/null && echo System clean || echo System infected

Servers infected by Operation Windigo should be wiped completely clean and have their operating system and applications reinstalled. Unique passwords and private keys need to be created for future access to a previously infected system in order to help prevent the server from being compromised again.

Forrest Stroud
Forrest is an experienced, entrepreneurial and well-rounded professional with 15+ years covering technology, business software, website design, programming and more.

Top Articles

The Complete List of 1500+ Common Text Abbreviations & Acronyms

Text Abbreviations reviewed by Web Webster   From A3 to ZZZ we list 1,559 SMS, online chat, and text abbreviations to help you translate and understand...

Windows Operating System History & Versions

The Windows operating system (Windows OS) refers to a family of operating systems developed by Microsoft Corporation. We look at the history of Windows...

How to Create a Website Shortcut on Your Desktop

Website Shortcut on Your Desktop reviewed by Web Webster   This Webopedia guide will show you how to create a website shortcut on your desktop using...

Generations of Computers (1st to 5th)

Reviewed by Web Webster Learn about each of the 5 generations of computers and major technology developments that have led to the computing devices that...

How to run chkdsk

Chkdsk, short for check disk, is a system tool and command...

Monday.com

Monday.com is a cloud-based work operating system that can be used for a...

Secure Socket Tunneling Protocol...

The secure socket tunneling protocol (SSTP) is a VPN protocol where...