OMG! It appears that thousands of Linux servers have had their passwords stolen and an organized crew has gone about compromising them to spread spam and malware far and wide. There aren’t any special cures except rebuilding the servers from scratch, and the authors of this report suggest two-factor authentication become the norm. Passwords are just too easily lost/stolen/guessed. This is not about weak passwords but loss/theft. They do supply a test which my servers have passed…
Sad to say, kernel.org promised a full report, and years later the best we have comes from these guys, through careful analysis of the universe of IT. Shame on the Linux Foundation for not being more open and setting a better standard. Shame on the Linux Foundation for allowing the bad guys to besmirch the reputation of Linux for security. They were near the tip of the iceberg and didn’t bother to save others from their fate. There’s more to Linux than cranking out code.
See Operation Windigo.
See also Ebury FAQ.