, an open source alternative to proprietary Secure Shell Software (SSH) to infect thousands of servers and desktop computers, apparently, stole user credentials on system and SSH private keys for outgoing SSH connections.

The Group behind the attacks may have been active since December 2012, using a modified version of

" According to our analysis, over 25,000 servers have been affected over the last two years. More than 10,000 of them are still infected today. " ESET reported, " using the Linux/Ebury OpenSSH backdoor "

Hackers have accessed a wider range of compromised machines, used them to redirect half of a million web visitors to malicious websites and abusing the server bandwidth to send more than 35,000,000 spam messages per day. If victim will use a Smartphone to surf the malicious link from Spam mails, they will be redirected to Porn sites, with the intention of making money.





High-profile Targets: Report listed some affected high profile servers and companies, including cPanel ( kernel.org (main repository of source code for the Linux kernel). famous web hosting control panel) and Linux Foundation's (main repository of source code for the Linux kernel).

ESET Researchers collaborated with CERT-Bund, the European Organization for Nuclear Research (CERN), the Swedish National Infrastructure for Computing and other agencies to fight against this malware campaign.