Security firm discovers Linux botnet that hits with 150 Gbps DDoS attacks

Akamai announced on Tuesday that its Security Intelligence Response Team has discovered a massive Linux-based botnet that’s reportedly capable of downing websites under a torrent of DDoS traffic exceeding 150 Gbps. The botnet spreads via a Trojan variant dubbed XOR DDoS. This malware infects Linux systems via embedded devices like network routers then brute forces SSH access. Once the malware has Secure Shell credentials, it secretly downloads and installs the necessary botnet software, then connects the newly-infected computer to the rest of the hive.

Security researchers had been aware of XOR DDoS since last year but have just recently noticed the effects of the botnet itself. According to Akamai, the network strikes around 20 times a day, though 90 percent of its targets are various businesses in Asia — typically gambling and educational sites. What’s troubling isn’t the scope of attacks but rather the size. This botnet is capable of driving anywhere from a couple Mbps to over 150 Gbps of traffic every minute at its targets. That upper figure is many times more than what even most multinational corporate networks can handle. It’s the digital equivalent of hunting mosquitos with a hydrogen bomb.

by Andrew Tarantola | @terrortola

Full article:

Source: Security firm discovers Linux botnet that hits with 150 Gbps DDoS attacks

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.