Slashdot Mirror

← Back to Stories (view on slashdot.org)

First Botnet of Linux Web Servers Discovered

Posted by kdawson on from the shields-up dept.

The Register writes up a Russian security researcher who has uncovered a Linux webserver botnet that is coordinating with a more conventional home-based botnet of Windows machines to distribute malware. "Each of the infected machines examined so far is a dedicated or virtual dedicated server running a legitimate website, Denis Sinegubko, an independent researcher based in Magnitogorsk, Russia, told The Register. But in addition to running an Apache webserver to dish up benign content, they've also been hacked to run a second webserver known as nginx, which serves malware [on port 8080]. 'What we see here is a long awaited botnet of zombie web servers! A group of interconnected infected web servers with [a] common control center involved in malware distribution,' Sinegubko wrote. 'To make things more complex, this botnet of web servers is connected with the botnet of infected home computer(s).'"

2 of 254 comments (clear)

  1. Re:Ok, so I got the popcorn ready.... by LaskoVortex · · Score: -1, Offtopic

    If I had mod points, I'd mod you Troll.

    You don't get mod points because when you get them you mod inappropriately.

    --
    Just callin' it like I see it.
  2. Re:Ok, so I got the popcorn ready.... by LaskoVortex · · Score: -1, Offtopic

    I've gotten popped for every response I've given, but I have enough karma to buy Florida, so I don't care. (I post at 1 for fun.) But you seem genuine and intelligent, so you deserve some answers.

    First of all, I run only one linux server. Everything else is OS X. So, no I'm not married to linux and I do run proprietary software when it is most useful to do so.

    But I also have a problem with the semantics of "botnet" because the use of the word outside of the technical community has the connotation of an autonomously replicating system. I now understand technical people want to give the word a more relaxed meaning and they enforce that definition with negative mod points. But, outside of the technical community, the "generally accepted" definition is vague and if you asked Joe Regular Guy directly, you'd probably learn that autonomous propagation is implicit, once you explained the concept to him. "Botnet" ain't exactly in Funk and Wagnalls, by the way.

    Also, my first linux box was rootkitted through the FTP server, and so I learned about the pitfalls of poor security on linux a long time ago. No one needs to explain to me that it can be vulnerable.

    The lesson here is to not use the word "a*******f" and "M*******t" in the same sentence. That will get you popped by hidden forces and flamed by Anonymous Cowards.

    --
    Just callin' it like I see it.