Asya Posadskaya
Last known affiliation: Yandex LLC
Date: 2014-12-05
Botnets of *NIX Web Servers
Evgeny Sidorov 🗣 | Andrey Kovalev 🗣 | Konstantin Otrashkevich | Asya Posadskaya
Abstract
In the last several years, malware writers have clearly understood that getting access to web servers can bring more benefits than infecting users’ PCs. Nowadays there are millions of completely unprotected websites and web servers with different kinds of vulnerabilities, so it is easy for attackers to upload web shells and even get access to these web servers with root privileges. All these circumstances have certainly made botnets of infected servers and websites a modern trend in malware development.
We researched and disclosed the following malware families:
- Darkleech
- Trololo_mod
- Ebury and Cdorked
- Effusion
- Mayhem
- Mindupper shells