The Modern Linux Threat Landscape in a Nutshell
Unfortunately, despite the heralded security of the Linux operating system, gone are the days where threats such as malware and viruses are not a serious concern for Linux users. Attackers have come to view Linux servers as yet another viable target that often provides a valuable return on investment. In March of 2018, 15,762 new Linux malware variants were developed - a notable increase from the 4,706 new variants developed in March of 2017.
The evolution of malware research in recent years has offered superior visibility into attacks threatening Linux servers. It should be noted that a vulnerable server of any sort is an open door for data and credential theft, DDoS attacks, cryptocurrency mining and web traffic redirection. Most significantly, it can be used to host malicious command and control (C&C) servers.
Just over a year ago, bringing to conclusion a collaborative three-year effort, security researchers identified various OpenSSH backdoors - including the notorious Linux/Ebury backdoor - which could be used to compromise servers with dangerous malware. Simultaneously, ESET researchers exposed 21 Linux-based malware families, 12 of which were previously undocumented. In a sense, these findings confirmed an evolving, increasingly dangerous array of threats facing Linux users and their systems.