Latest Threat Report: Crypto Miners Targeting Linux Environments

Coinmining accounted for more cases of malware than any other family.

James Anderson, Senior News Editor

August 31, 2021

2 Min Read

More than 13 million Linux-based cloud environments face a malware event, according to Trend Micro.

The company recently unveiled its 2021 1H Linux Threat Report, which shows threat actors are paying close attention to Linux users.

Although popular society typically talks about Microsoft Windows and macOS when it comes to operating systems, Trend Micro notes that all of the largest supercomputers in the world use Linux. Moreover, a W3Techs survey found that more than half (51%) of the world’s largest 1,000 websites use Linux. Linux users also highly populate the Trend Micro workload security customer base.

“It’s safe to say that Linux is here to stay, and as organizations continue to move to Linux-based cloud workloads, malicious actors will follow,” said Aaron Ansari, Trend Micro’s vice president of cloud security.

Threat Numbers

And the numbers show that the malicious actors have arrived. Trend Micro in one search found 14 million results for exposed, internet-connected devices that use Linux operating systems.

Approximately 19 million machines ran servers with the exposed “port 22.” The majority of those machines reside in the U.S. Trend Micro urged companies to close up those ports.


Source: Trend Micro 1H 2021 Linux Threat Report

Most of the detected threats occurred in end-of-life systems. In particular, CentOS version 7.4 through 7.9 accounted for 44% of detections.

Trend Micro also broke down the most prevalent malware families affecting Linux servers in the first half of 2021. Coinminers took the top prize, capitalizing on cryptocurrency mining trends. Web shells, which include the recent Microsoft Exchange Attack, came in second. Ransomware and trojans trailed in third and fourth, respectively.


Source: Trend Micro 1H 2021 Linux Threat Report

Trend Micro in July released the results of its ransomware study.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email James Anderson or connect with him on LinkedIn.

Read more about:

MSPsChannel Research

About the Author(s)

James Anderson

Senior News Editor, Channel Futures

James Anderson is a news editor for Channel Futures. He interned with Informa while working toward his degree in journalism from Arizona State University, then joined the company after graduating. He writes about SD-WAN, telecom and cablecos, technology services distributors and carriers. He has served as a moderator for multiple panels at Channel Partners events.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like