“Operation Windigo” Threatens Website Security

• in categories: news • by: Michelle Balestrat

Security researchers at ESET have launched one of the largest task forces against a cyber-threat this year.

Aided by law enforcement personnel and scientists from around the globe, the investigation has showcased the dangerous and growing “Operation Windigo” malware threat, which targets the highly popular UNIX/Linux server platform used by the ‘Big Three’ server hardware manufacturers: IBM, HP and Dell.

By stealing server credentials, criminals have taken control of thousands of servers and websites worldwide, using the infected servers to send masses of spam, redirect traffic to suspicious content and widen the exploit by stealing more server login details.

The Operation Windigo threat has been steadily gaining strength, flying almost under the radar of the security community since mid-2011, when servers were first compromised by the malware-based attack. On an infected server, the malware opens several ports, allowing access by hackers whilst taking up few system resources to avoid detection.

Worldwide, over 10,000 servers have been infected, with as many as 400 infections identified in Australia. End-users of these servers and websites have been exposed to increased amounts of spam, advertising and malware. With 60% of the world’s servers running on vulnerable operating systems, the potential for infection is greater still. System administrators are urged to stay vigilant to protect the users of their servers.

According to advice from ESET International security researcher Marc-Étienne Léveillé, infected servers will need to be completely formatted and the operating system reinstalled to remove the threat. Server private keys and passwords also need to be completely changed to prevent re-infection.

But what does this mean for regular internet users? The Operation Windigo threat highlights an important point to remember: there is no way to tell whether the server you’re connected to is clean, so always exercise caution when providing websites with your personal information.

Never reuse passwords across multiple websites, and ensure that they contain a variety of characters to make them difficult to crack, in case they are ever compromised.

If you are concerned, sign up to BreachAlarm’s Email Watchdog service for around-the-clock monitoring of your password’s security status. We currently offer a free subscription for one email address, so there’s no reason to wait! Get started today.
