Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Hijacked Linux servers distribute malicious software

Add to     Digg this story Digg this

September 15, 2009

A recently discovered botnet of hijacked Linux servers is being used to distribute malicious software to Windows computers across the globe.

According to an analysis by Internet application developer Denis Sinegubko, the compromised PCs all have one thing in common: the light weight Web server "nginx" is running on them and serving content through port 8080.

Get the best Linux or Windows Web hosting plan for your website.
Get the lowest rate and the best tech support on any Linux or Windows hosting plan. Learn more by clicking here.

Otherwise, these systems would appear to be totally inconspicuous and would seem to operate normally.

These events were discovered when links to malware posted in China were replaced by dynamic DNS names from and

The infected Linux servers then register at the dynamic DNS services using particular host names with their IP address. Note that Windows servers are even easier to infect than Linux, but at the time we wrote this, only a few Windows servers had been deemed as infected by the virus.

Sinegubko says that the dynamic DNS providers have already deleted more than 100 host names from their databases, but the botnet operators are apparently reacting quickly and registering systems under new names.

Sinegubko says his list currently has 77 IP addresses and growing quickly.

It isn't clear how the servers were compromised, and additional analyzis is being performed to know more.

Sinegubko speculates that some system administrators may have been sloppy enough to use the root account for FTP operations and to store their root passwords in FTP program settings!

The hijackers then would have accessed these root passwords and sniffed out the critical data to penetrate these compromised servers.

More work is being done and careful analyzis is also being performed by a few more Internet security firms in order to better protect systems and to prevent such mishaps from occurring again.

We will keep you posted on this, as well as other security news as they happen.

Add to     Digg this story Digg this

Source: ISND.

Save Internet's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet    Terms of use    Privacy agreement    Legal disclaimer

Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.

Get your Linux or Windows dedicated server today.

The industry's best and most accurate tool to find out EXACTLY what your CORRECT keywords are. Click here to learn more.