Summary: Researchers highlight a significant rise in XorDDoS malware, which has primarily targeted U.S. systems between November 2023 and February 2025. The trojan, originally known for attacking Linux systems, has now expanded its reach to Docker servers and other internet-connected devices, with nearly 42 percent of affected devices located in the U.S. A new VIP version of the malware’s sub-controller has been identified, suggesting ongoing developments and potential sales among operators.
Affected: Organizations using Linux systems, Docker servers, and IoT devices in the United States and globally
Keypoints :
- XorDDoS malware has increasingly targeted the U.S., accounting for 71.3% of attacks.
- The trojan exploits SSH brute-force attacks to spread across vulnerable devices, including Docker servers.
- A new VIP version of the malware’s sub-controller has been identified, indicating active development and commercialization.
Source: https://thehackernews.com/2025/04/experts-uncover-new-xorddos-controller.html