Researchers have become aware of a malware attack that has infected 25,000 UNIX servers worldwide and affects in the region of 500,000 computers every day.
The attack, dubbed "Operation Windigo", was uncovered by Slovakian security firm ESET and CERT-Bund, the Swedish National Infrastructure for Computing.
Data theft
The malicious code is designed to hijack servers and infect the computers that visit them or the websites they host. Once in control of a server, Windigo steals information and serves users with redirects to exploit kits, adverts for dating sites or pornography, depending on the operating system employed by the user.
According to ESET, Windigo has been increasing in strength and size largely unnoticed for over two and a half years. "Over 35 million spam messages are being sent every day to innocent users' accounts, clogging up inboxes and putting computer systems at risk," said ESET security researcher Marc-Étienne Léveillé.
"Worse still, each day over half a million computers are put at risk of infection, as they visit websites that have been poisoned by web server malware planted by Operation Windigo redirecting to malicious exploit kits and advertisements."
ESET has published a blog post and report that provide details of Windigo, including an explanation of how system administrators and webmasters can check whether or not their servers are compromised. Instructions for removing the malicious code are also provided.