Fraudsters have built a botnet of infected Linux servers that is capable of flooding websites and other systems with at least 150Gbps of garbage traffic.
The XOR Distributed Denial of Service (DDoS) botnet launches 20 attacks per day, according to Akamai. 90% of these attacks, which originate from malware-infected computers, are aimed at companies based in Asia. The most frequent targets are gaming websites, followed by educational institutions.
The botnet malware installs a backdoor on infected systems, which lets the attackers control them. The attackers first gain root access by brute-forcing the system's SSH service.
Once they have root, they use its privileges to run a bash shell script that downloads and executes the malicious software.
Hackers can then use the compromised systems as a DDoS attack platform to flood targets with either SYN or DNS spam traffic. The bot's IP address is sometimes spoofed, but not always, according to Akamai.
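Defenders can look for the entry point described above, password guessing against the root account over SSH, in a server's authentication log. The following is an added example, not code from this article or from Akamai; it assumes the standard OpenSSH log message format, and the log lines, host name and threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# OpenSSH auth-log messages for password and public-key logins as root.
EVENT = re.compile(
    r"sshd\[\d+\]: (Failed|Accepted) (password|publickey) for root "
    r"from (\S+) port \d+"
)

def find_root_bruteforce(lines, threshold=5):
    """Return {source_ip: verdict} for sources with >= threshold failed
    root password logins. The verdict is "compromised" when a successful
    root password login follows the failures, else "bruteforce"."""
    failures = defaultdict(int)
    verdicts = {}
    for line in lines:
        m = EVENT.search(line)
        if not m:
            continue
        outcome, method, src = m.groups()
        if method != "password":
            continue  # key-based logins are not part of password guessing
        if outcome == "Failed":
            failures[src] += 1
            if failures[src] >= threshold:
                verdicts.setdefault(src, "bruteforce")
        elif failures[src] >= threshold:
            # Guessing succeeded: this host needs incident response.
            verdicts[src] = "compromised"
    return verdicts

# Constructed sample log (documentation IP ranges, hypothetical host "web01").
SAMPLE_LOG = (
    [f"Sep 29 03:14:{i:02d} web01 sshd[2100]: Failed password for root "
     f"from 203.0.113.7 port {40000 + i} ssh2" for i in range(8)]
    + ["Sep 29 03:14:09 web01 sshd[2100]: Accepted password for root "
       "from 203.0.113.7 port 40009 ssh2"]
    + [f"Sep 29 03:20:{i:02d} web01 sshd[2200]: Failed password for root "
       f"from 198.51.100.23 port {50000 + i} ssh2" for i in range(6)]
    + ["Sep 29 04:00:00 web01 sshd[2300]: Failed password for root "
       "from 192.0.2.10 port 60000 ssh2",
       "Sep 29 04:00:05 web01 sshd[2300]: Accepted publickey for root "
       "from 192.0.2.10 port 60001 ssh2"]
)

if __name__ == "__main__":
    for src, verdict in find_root_bruteforce(SAMPLE_LOG).items():
        print(src, verdict)
```

Setting `PermitRootLogin prohibit-password` or `PasswordAuthentication no` in `sshd_config` closes this entry point, since the root password can then no longer be guessed over SSH.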
The bandwidth of these DDoS attacks reaches 179Gbps! To put that size in perspective, the larger DDoS attacks on record reach 400Gbps.
More information on the threat, on removing the malware from your computers, and on mitigating DDoS attacks can be found on the Akamai page.