windigo post-mortem
mancha
mancha1 at zoho.com
Fri Mar 21 17:53:45 EST 2014

ESET recently published an interesting post-mortem of the so-called
"Operation Windigo" malware campaign [1].

OpenSSH backdoors (codename Linux/Ebury), described by ESET last month
[2], are a key component of Windigo's attack surface.

--mancha

[1] http://www.welivesecurity.com/wp-content/uploads/2014/03/operation_windigo.pdf
[2] http://www.welivesecurity.com/2014/02/21/an-in-depth-analysis-of-linuxebury/

More information about the openssh-unix-dev mailing list