Malware targeting Linux systems hit a new high in 2021


The Linux operating system is becoming more and more interesting to malicious actors, a report from CrowdStrike has claimed.

The company’s latest threat telemetry data has shown that malware for the popular OS increased by more than a third (35%) in 2021 compared to the year prior.

According to CrowdStrike, Linux is a popular target for cyber crooks due to its popularity among cloud infrastructure developers and web server manufacturers. What’s more, it powers most mobile and IoT devices as well.

Targeted

Among all malware present, just three families account for almost a quarter (22%) of all Linux-based malware found in 2021. Those are XorDDoS, Mirai, and Mozi. Their main goal is to assimilate target endpoints into a botnet, to be used for Distributed Denial of Service (DDoS) attacks.

XorDDoS malware, for example, had 123% more samples in 2021 than in the previous year, while Mozi registered a tenfold increase over the same period.

The third-most-popular malware is Mirai and all its offshoots. CrowdStrike says it is a “common ancestor” for many of today’s emerging malware samples, such as Sora (33% up), IZIH9 (39%), or Rekai (83%).

DDoS attacks and cryptominers

Malicious actors can attack Linux-powered devices in many ways, from scanning for those with hardcoded credentials, to targeting those with open ports, to those with known, unpatched vulnerabilities.

Going forward, things won’t be getting any better, either. CrowdStrike expects more than 30 billion IoT devices to be connected to the internet within three years, creating a potentially large attack surface.

A botnet is, as the name suggests, a network of bots performing specific tasks for their administrator. Usually, they’re tasked with DDoS attacks, but they can often be used for mining cryptocurrencies. One of the largest and most popular botnets was Mirai, which was used in 2016 to attack the domain name server operator Dyn, among others. Mirai was dismantled three years later, through a joint raid from multiple law enforcement agencies.


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
