Cybercriminal use of the Linux Trojan known as XorDdos is on the rise, according to a new report, which found a 254% increase in malicious activity against Linux endpoints using the malware over the last six months.
It was first discovered in 2014, and the Microsoft 365 Defender Research Team explained in a recent blog post that the XorDdos Trojan targets Linux cloud and Internet of Things (IoT) endpoints, and deploys botnets to carry out distributed denial-of-service (DDoS) attacks.
The team added that the attacks fit a wider trend of attacks targeting Linux-based systems.
"By compromising IoT and other internet-connected devices, XorDdos amasses botnets that can be used to carry out DDoS attacks," the team wrote in describing the rise of the XorDdos Trojan. "DDoS attacks in and of themselves can be highly problematic for numerous reasons, but such attacks can also be used as cover to hide further malicious activities, like deploying malware and infiltrating target systems."