Linux Malware Saw 35% Growth in 2021


Once upon a time, Linux was viewed as an impenetrable fortress of security. Of course, anyone who has ever worked in IT knows that if a computer is connected to the internet, it's never 100% secure.

And although Linux on the desktop might still be one of the most secure operating systems on the planet, it can't escape a sort of guilt by association, because other Linux-powered devices drove the dramatic increase in attacks the platform saw in the previous years.

The devices in question are of the IoT sort.

It was Internet of Things devices (most of which are powered by Linux) that saw such a dramatic increase in malware attacks. Of those attacks, XorDDoS, Mirai, and Mozi were the most prevalent types (accounting for 22% of all attacks targeting Linux). Mozi (a peer-to-peer botnet that takes advantage of weak telnet passwords), which first emerged on the scene in 2019, saw 10 times more successful attacks in 2021 than in 2020.

XorDDoS (a botnet for large-scale DDoS attacks) has been around far longer and targets SSH servers with weak passwords. However, recently, XorDDoS has been targeting (via port 2375) poorly configured Docker clusters that are hosted on third-party cloud providers.

The biggest problem with this is that Linux IoT devices are everywhere (with billions of devices worldwide), so it's imperative that anyone developing for or administering these Linux-powered devices lock them down and follow best IoT security practices.
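As a starting point for that lockdown, the following added example (not from the article or any vendor tool) checks a host for the three exposures named above: a telnet listener, SSH password logins, and a Docker API reachable on port 2375 without TLS. The function names and sample inputs are constructed for illustration, and it assumes `ss -tln` output and an `sshd_config` without `Match` or `Include` blocks.

```python
import json

LOOPBACK = ("127.", "[::1]", "localhost")

def exposed_listeners(ss_output):
    """Flag telnet (23) and Docker API (2375) sockets bound beyond loopback."""
    risky = {"23": "telnet", "2375": "docker-api"}
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 4 or cols[0] != "LISTEN":
            continue  # skips the header row and non-listening sockets
        addr, _, port = cols[3].rpartition(":")
        if port in risky and not addr.startswith(LOOPBACK):
            findings.append(f"{risky[port]} listening on {cols[3]}")
    return findings

def ssh_password_auth(sshd_config):
    """sshd uses the first value seen per keyword; PasswordAuthentication defaults to yes."""
    for line in sshd_config.splitlines():
        parts = line.split("#", 1)[0].replace("=", " ", 1).split()
        if len(parts) >= 2 and parts[0].lower() == "passwordauthentication":
            return [] if parts[1].lower() == "no" else ["sshd allows password logins"]
    return ["sshd allows password logins (default)"]

def docker_tcp_without_tls(daemon_json):
    """Flag tcp:// hosts in dockerd's daemon.json when tlsverify is not enabled."""
    cfg = json.loads(daemon_json)
    if cfg.get("tlsverify") is True:
        return []
    return [f"dockerd host {h} without tlsverify"
            for h in cfg.get("hosts", [])
            if h.startswith("tcp://") and not h[6:].startswith(LOOPBACK)]

def audit(ss_output, sshd_config, daemon_json):
    return (exposed_listeners(ss_output) + ssh_password_auth(sshd_config)
            + docker_tcp_without_tls(daemon_json))

# Constructed sample inputs (not taken from a real host).
SS = """State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      5      0.0.0.0:23         0.0.0.0:*
LISTEN 0      4096   *:2375             *:*
LISTEN 0      4096   127.0.0.1:2375     0.0.0.0:*"""
SSHD = "Port 22\n#PasswordAuthentication no\nPermitRootLogin no\n"
DOCKER = '{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]}'

if __name__ == "__main__":
    print("\n".join(audit(SS, SSHD, DOCKER)))
```

On a real device, feed it the output of `ss -tln` and the contents of `/etc/ssh/sshd_config` and `/etc/docker/daemon.json`; note that the commented-out `PasswordAuthentication no` in the sample is still reported, because a commented directive leaves the default in force.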
