A New Botnet Hits Servers With 150 Gbps DDoS Attacks

We may earn a commission from links on this page.

Just yesterday, Akamai’s Security Intelligence Response Team announced that it’s discovered a new botnet that uses a 150 Gbps onslaught to bring servers and websites to their knees.

The Linux-based botnet spreads aboard a Trojan that’s called XOR DDoS. That wriggles its way into Linux systems by attacking embedded devices — things like routers — and then gaining SSH (secure shell) access. Once it’s achieved that, it can happily download a small piece of botnet hardware, turning the system into yet another node in the botnet that can happily do the same thing

While the security team has known about the botnet for over a year, it has only recently been observed taking hold in the wild. It’s said to strike up to 20 times a day, largely being used to attack Asian gaming and education sites at the moment, and has been observed to throw attack of up to 150 Gbps at servers. That is huge — easily enough to bring down most commercial servers.


It remains to be seen how widespread an impact XOR DDoS will have. But individuals — and companies — that run Linux systems may want to double down on security.

[Akamai via PC World via Engadget]

Image by nrkbeta under Creative Commons license.