- Aug 17, 2014
The number of malware infections targeting Linux devices rose by 35% in 2021, most commonly to recruit IoT devices for DDoS (distributed denial of service) attacks.
IoTs are typically under-powered "smart" devices running various Linux distributions and are limited to specific functionality. However, when their resources are combined into large groups, they can deliver massive DDoS attacks to even well-protected infrastructure.
Besides DDoS, Linux IoT devices are recruited to mine cryptocurrency, facilitate spam mail campaigns, serve as relays, act as command and control servers, or even act as entry points into corporate networks.
A Crowdstrike report looking into the attack data from 2021 summarizes the following:
- In 2021, there was a 35% rise in malware targeting Linux systems compared to 2020.
- XorDDoS, Mirai, and Mozi were the most prevalent families, accounting for 22% of all Linux-targeting malware attacks observed in 2021.
- Mozi, in particular, had explosive growth in its activity, with ten times more samples circulating in the wild the year that passed compared to the previous one.
- XorDDoS also had a notable year-over-year increase of 123%.
The number of malware infections on Linux-based IoT (internet of things) devices rose by 35% in 2021 compared to the previous year's numbers. The principal goal was recruiting devices to be part of DDoS (distributed denial of service) attacks.