Linux Malware Saw 35% Growth in 2021


Once upon a time, Linux was viewed as an impenetrable fortress of security. Of course, anyone who has ever worked in IT knows that if a computer is connected to the internet, it's never 100% secure.

And although Linux on the desktop might still be one of the most secure operating systems on the planet, it can't escape a sort of guilt by association, thanks to other Linux-powered devices driving the dramatic increase in attacks the platform saw in the previous years.

The devices in question are of the IoT sort.

It was Internet of Things devices (most of which are powered by Linux) that saw such a dramatic increase in malware attacks. Of those attacks, XorDDoS, Mirai, and Mozi were the most prevalent types (accounting for 22% of all attacks targeting Linux). Mozi (a peer-to-peer botnet that takes advantage of weak telnet passwords), which first emerged on the scene in 2019, saw 10 times more successful attacks in 2021 than in 2020.

XorDDoS (a botnet for large-scale DDoS attacks) has been around far longer and targets SSH servers with weak passwords. Recently, however, XorDDoS has been targeting (via port 2375) poorly configured Docker clusters that are hosted on third-party cloud providers.

The biggest problem with this is that Linux IoT devices are everywhere (with billions of devices worldwide), so it's imperative that anyone developing for or administering these Linux-powered devices lock them down and follow best IoT security practices.

01/17/2022