360 Netlab Blog - Network Security Research Lab at 360

Linux.Ngioweb

A collection of 2 posts
Botnet Proxy

Quick update on the Linux.Ngioweb botnet, now it is going after IoT devices

Background: On June 21, 2019, we published a blog post about a Proxy Botnet, Linux.Ngioweb. On August 4, 2020, we captured a batch of ELF files with zero VT detections, which are variants of Ngioweb. And we just named it V2. Two weeks later, on August 16, we noticed that
  • Alex.Turing
  • Hui Wang
Nov 13, 2020 33 min read
Botnet

An Analysis of Linux.Ngioweb Botnet

Background: On May 27, 2019, our Unknown Threat Detect System highlighted a suspicious ELF file, and to this day, the detection rate on VT is still only one, with a very generic name. We determined that this is a Proxy Botnet, and it is a Linux version variant of the
  • Alex.Turing
  • Genshen Ye
Jun 21, 2019 14 min read