Security researchers at Akamai have uncovered Trojan malware being used to hijack Linux-based computer systems and build botnets to carry out distributed denial-of-service (DDoS) attacks.
The Akamai Security Intelligence Response Team said in an XOR DDoS threat advisory [PDF] that it is tracking a piece of malware that can be used to flood websites with up to 150Gbps of web traffic.
DDoS attacks are commonly used by attackers to take down a website by directing an overwhelming amount of web traffic towards its servers.
A botnet is a group of infected computers that are used to direct this traffic to a target destination, very often without the owners being aware of the activity.
The XOR DDoS campaign has attacked up to 20 targets a day, 90 percent originating in Asia. The Akamai research also found evidence that the botnet's main targets are the gaming and education sectors.
XOR DDoS was first detected in September 2014 by the Malware Must Die team. The malware spreads via secure shell services that are open to brute force attacks owing to weak passwords.
"Once log-in credentials have been acquired, the attackers use root privileges to run a Bash shell script that downloads and executes the malicious binary," the researchers said.
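As a defender's view of the infection path described above, the following added example (not from the Akamai advisory or this article) scans sshd authentication log lines for a root password login that follows a run of failed attempts from the same source address. The log lines are constructed samples in OpenSSH's syslog format, and the function name and the threshold of five failures are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in OpenSSH's syslog format (not taken from the advisory).
SAMPLE_LOG = """\
Sep 29 03:11:01 web1 sshd[2101]: Failed password for root from 203.0.113.7 port 40122 ssh2
Sep 29 03:11:03 web1 sshd[2102]: Failed password for root from 203.0.113.7 port 40130 ssh2
Sep 29 03:11:05 web1 sshd[2103]: Failed password for invalid user admin from 203.0.113.7 port 40138 ssh2
Sep 29 03:11:07 web1 sshd[2104]: Failed password for root from 203.0.113.7 port 40144 ssh2
Sep 29 03:11:09 web1 sshd[2105]: Failed password for root from 203.0.113.7 port 40151 ssh2
Sep 29 03:11:11 web1 sshd[2106]: Failed password for root from 203.0.113.7 port 40159 ssh2
Sep 29 03:11:14 web1 sshd[2107]: Accepted password for root from 203.0.113.7 port 40166 ssh2
Sep 29 08:30:02 web1 sshd[2290]: Failed password for root from 198.51.100.20 port 51514 ssh2
Sep 29 08:30:40 web1 sshd[2291]: Accepted publickey for deploy from 198.51.100.20 port 51520 ssh2
Sep 29 09:02:10 web1 sshd[2310]: Accepted password for root from 192.0.2.9 port 60210 ssh2
"""

FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")
ACCEPTED = re.compile(
    r"sshd\[\d+\]: Accepted password for (\S+) from (\S+) port \d+")


def find_bruteforced_root_logins(log_text, threshold=5):
    """Return [(source_ip, failures_before_success)] for every root password
    login preceded by at least `threshold` failed attempts from that source."""
    failures = defaultdict(int)   # failed attempts per source since last success
    hits = []
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            failures[m.group(2)] += 1
            continue
        m = ACCEPTED.search(line)
        if m:
            user, ip = m.groups()
            if user == "root" and failures[ip] >= threshold:
                hits.append((ip, failures[ip]))
            failures[ip] = 0      # a success ends the current run of failures
    return hits


if __name__ == "__main__":
    for ip, count in find_bruteforced_root_logins(SAMPLE_LOG):
        print(f"root password login from {ip} after {count} failed attempts")
```

A hit means the password guessing succeeded, so the host should be treated as compromised rather than merely probed. Disabling password authentication for root in sshd removes the path this check looks for.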
Akamai noted that Linux systems are becoming more popular with hackers and cyber criminals.
"There are an increasing number of Linux vulnerabilities for malicious actors to target, such as the heap-based buffer overflow vulnerability found earlier this year in the GNU C library. However, XOR DDoS does not exploit a specific vulnerability," the advisory said.
"XOR DDoS malware is part of a wider trend of which companies must be aware: attackers are targeting poorly configured and unmaintained Linux systems for use in botnets and DDoS campaigns."
Linux users are being advised to update their systems, as the emerging trend indicates that cyber criminals are becoming more attuned to the software's vulnerabilities.
"A decade ago, Linux was seen as the more secure alternative to Windows environments, which suffered the lion's share of attacks at the time, and companies increasingly adopted Linux as part of their security hardening efforts," the report stated.
"As the number of Linux environments has grown, the potential opportunity and rewards for criminals has also grown. Attackers will continue to evolve their tactics and tools, and security professionals should continue to harden their Linux-based systems accordingly."
Meanwhile, a Kaspersky Lab security report found that botnet-assisted DDoS attacks have targeted victims in 79 countries across the world. The longest attack took place earlier this year and lasted 205 hours.
More recently, it was revealed that up to 650,000 smartphones in China were used to disrupt a web server in a DDoS campaign that resulted in over 4.5 billion hits on the target server, peaking at 275,000 HTTP requests per second.