windigo post-mortem

mancha mancha1 at zoho.com
Fri Mar 21 17:53:45 EST 2014


ESET recently published an interesting post-mortem of the so-called
"Operation Windigo" malware campaign [1].

OpenSSH backdoors (codename Linux/Ebury), described by ESET last month
[2], are a key component of Windigo's attack surface.

--mancha

[1]
http://www.welivesecurity.com/wp-content/uploads/2014/03/operation_windigo.pdf
[2]
http://www.welivesecurity.com/2014/02/21/an-in-depth-analysis-of-linuxebury/



More information about the openssh-unix-dev mailing list