Ebury Botnet Malware has compromised 400,000 Linux servers since 2009, with over 100,000 still compromised as of late 2023. It is characterized as one of the most advanced server-side malware campaigns for financial gain.
- Ebury malware targets Linux servers for financial gain.
- It has been active since 2009 and continues to compromise servers.
- The operators engage in activities like spam, web traffic redirections, and credential stealing.
- Ebury was part of Operation Windigo and is linked to cryptocurrency heists and credit card stealing.
- A Russian national was sentenced for his involvement in the development and maintenance of the Ebury botnet malware.