Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cracked Linux Boxes Used to Wield Windows Botnets

Posted by ryuzaki0 on from the good-alliteration-but-scary-concept dept.

m-stone writes "Online auction house eBay recently did a threat assessment to better understand the forces ranging against them. The company is keeping the fine details under wraps, but the biggest source of danger for the company is apparently botnets. You're never going to guess who was running them. '[Dave Cullinane, eBay's chief information and security officer] noticed an unusual trend when taking down phishing sites. 'The vast majority of the threats we saw were rootkitted Linux boxes, which was rather startling. We expected Microsoft boxes,' he said. Rootkit software covers the tracks of the attackers and can be extremely difficult to detect. According to Cullinane, none of the Linux operators whose machines had been compromised were even aware they'd been infected. Because Linux is highly reliable and a great platform for running server software, Linux machines are desired by phishers, who set up fake websites, hoping to lure victims into disclosing their passwords."

3 of 309 comments (clear)

  1. Ha? by gspawn · · Score: 0, Troll

    Just makes me wanna smack every Linux geek I know and scream, "I told you so!". The only reason Linux hassn't been widely hacked was because it was only used by a few professionals who had tight control on their security. The more mainstream it gets, the more of a target it becomes, and the stronger your security needs to be.

    Anyone remember the days of (or are you still one of the people saying) "but with Linux, you have to login as root"? Not like there's a massively obvious problem there with regard to hacking or anything.

    --
    ---Vote None of the Above---
  2. Re:OT: What happened by MrNemesis · · Score: 0, Troll

    It's ticked my "I would like to test slashdot's new broken threading system" which doesn't want to work properly in Opera, it won't let me revert back to the older style (if I untick the box, page refreshes and the box is still ticked), if I change my threshold in one thread it affects my threshold in other threads, styupid floating javascript window obscures parts of the page.

    Since when did /. force us to be beta testers when it seems apparent that very little cross-platform testing has occurred? I thought that was Microsoft's job!

    P.S. I like that way the /. FAQ says "you should know the emails of the people to contact if you find a bug". Very user-friendly I'm sure...

    --
    Moderation Total: -1 Troll, +3 Goat
  3. Not really that suprizing... by Rooked_One · · Score: 0, Troll

    a lot of linux people have the holy than thou (the young liux crowd that is) and most all linux people use IRC.

    Where is it easiest to find out almost everything about someone? Uh huh! Need I continue?