Slashdot Mirror


Unnoticed For Years, Malware Turned Linux Servers Into Spamming Machines

An anonymous reader writes: For over 5 years, and perhaps even longer, servers around the world running Linux and FreeBSD operating systems have been targeted by an individual or group that compromised them via a backdoor Trojan, then made them send out spam, ESET researchers have found. What's more, it seems that the spammers are connected with a software company called Yellsoft, which sells DirectMailer, a "system for automated e-mail distribution" that allows users to send out anonymous email in bulk. Here's the white paper in which the researchers explain the exploit.

2 of 180 comments

  1. Re:Spamming daemon packed inside ELF binary by ledow · Score: 5, Insightful

    You can be insecure on any machine, same as you can be a dick in any language.

    If you have a non-package binary installed on your system, it's user-error. You have decided to run that, and done that with privileges enough to run it.

    This isn't packaged with any software, except for spam-generating (mass-mailing) software anyway. Just that those spammers didn't know they were being used to spam for others too.

    Same as if you just run a program on a Windows machine. It's got FUCK ALL to do with open-source, but don't let that stop you.

    And packaged open-source software is hash-checked and signed by the distributors. This has not been found in ANY repository of distribution packages. It's a random program that someone has decided to install, and is bundled with spam-generating software, so that's how it "kept quiet"... the people installing didn't give a shit about what they were installing, or the mass-mailing they were already doing. It's like getting a virus from a game crack.

    But, please, continue to think you're superior because "lol OS is insecure". I don't actually see any difference between your unrelated argument and, say, "lol Xbox sucks because".

  2. Re:Who cares? by ledow · Score: 5, Insightful

    It's not even very good.

    If you have noexec /tmp, it can't even start. That's been the default in almost every distro for years.

    And it's a random third-party binary. It's not like it got into package repositories or a major piece of software. Some cock downloaded a piece of malware, of his own accord, outside of package management on a Linux machine. And so few people did that, it wasn't even showing up on the radar.

    God, if I had a penny for every spam email sent from a compromised Windows computer that I've had brought to me and been asked to clean, I'd have earned more than a year's wages already.
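The comment above leans on /tmp being mounted noexec, which is exactly the kind of thing a defender should verify on each host rather than assume. The script below is an added example, not part of the thread or of ESET's research: it parses /proc/mounts-format text, finds the longest mount point that covers a given path, and reports whether that mount carries noexec. The sample mount table is constructed for the demonstration; the `report` helper runs the same check against the live /proc/mounts.

```shell
#!/bin/sh
# Added example (not from the thread): does the mount covering PATH carry noexec?
# Hardened /etc/fstab entry this check is meant to confirm (standard tmpfs form):
#   tmpfs /tmp tmpfs defaults,nosuid,nodev,noexec 0 0
# versus the weak form that leaves binaries dropped in /tmp executable:
#   tmpfs /tmp tmpfs defaults 0 0

# Constructed sample in /proc/mounts format (assumption: representative of a
# typical host; /tmp hardened, /var/tmp not).
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec,relatime 0 0
/dev/sdb1 /var/tmp ext4 rw,relatime 0 0'

# mount_opts MOUNTS_TEXT PATH
# Prints the option field of the deepest mount point that is PATH itself or
# one of its parent directories ("/" always matches as a fallback).
mount_opts() {
  printf '%s\n' "$1" | awk -v p="$2" '
    {
      mp = $2
      # exact mount point, or mount point is a parent directory of PATH
      if (p == mp || index(p, (mp == "/" ? "/" : mp "/")) == 1) {
        if (length(mp) > best_len) { best_len = length(mp); best = $4 }
      }
    }
    END { print best }'
}

# has_noexec MOUNTS_TEXT PATH -> exit status 0 if noexec applies, 1 otherwise
has_noexec() {
  opts=$(mount_opts "$1" "$2")
  case ",$opts," in
    *,noexec,*) return 0 ;;
    *)          return 1 ;;
  esac
}

# report PATH: human-readable verdict against the live mount table
report() {
  if has_noexec "$(cat /proc/mounts)" "$1"; then
    echo "$1: noexec (a dropped binary cannot be executed directly from here)"
  else
    echo "$1: exec allowed (consider nosuid,nodev,noexec for this mount)"
  fi
}

# Usage on a live host: report /tmp; report /var/tmp; report /dev/shm
```

Note that noexec on /tmp is one layer only: it stops direct execution of a file written there, but it does nothing about code loaded from a world-writable directory elsewhere, so the same check is worth running for /var/tmp and /dev/shm, which the sample table deliberately leaves unhardened for /var/tmp.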