Surge in XorDdos attacks, which target the cloud and IoT

According to a new analysis, cybercriminals’ use of the Linux Trojan known as XorDdos is on the rise, with a 254 percent increase in malicious activity against Linux endpoints using the virus in the last six months.

The XorDdos Trojan was initially detected in 2014, and according to a new blog post by the Microsoft 365 Defender Research Team, it targets Linux cloud and Internet of Things (IoT) endpoints and deploys botnets to carry out distributed denial-of-service (DDoS) assaults.

The attacks, according to the researchers, are part of a larger trend of attacks on Linux-based systems.

By compromising IoT and other internet-connected devices, XorDdos amasses botnets that can be used to carry out DDoS attacks,” the team wrote in describing the rise of the XorDdos Trojan. “DDoS attacks in and of themselves can be highly problematic for numerous reasons, but such attacks can also be used as cover to hide further malicious activities, like deploying malware and infiltrating target systems.”