---
title: "Malware terrorizes Linux, Cyberattack disrupts water, Cyber incidents surge | DMARC Report"
description: "Malware terrorizes Linux, Cyberattack disrupts water, Cyber incidents surge from DMARC Report explains practical steps for email authentication, domain."
image: "https://dmarcreport.com/og/blog/malware-terrorizes-linux-cyberattack-disrupts-water-cyber-incidents-surge.png"
canonical: "https://dmarcreport.com/blog/malware-terrorizes-linux-cyberattack-disrupts-water-cyber-incidents-surge/"
---
Quick Answer
\_According to the FBI's 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report Malware Terrorizes Linux, Cyberattack Disrupts Water, Cyber Incidents Surge
Related: [Free DMARC Checker](/tools/dmarc-checker/) ·[How to Create an SPF Record](/tools/spf-record-generator/) ·[SPF Record Format](/blog/spf-format-checker-dos-and-donts-for-email-authentication/)
Share
[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fmalware-terrorizes-linux-cyberattack-disrupts-water-cyber-incidents-surge%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Malware%20terrorizes%20Linux%2C%20Cyberattack%20disrupts%20water%2C%20Cyber%20incidents%20surge&url=undefined%2Fblog%2Fmalware-terrorizes-linux-cyberattack-disrupts-water-cyber-incidents-surge%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fmalware-terrorizes-linux-cyberattack-disrupts-water-cyber-incidents-surge%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fmalware-terrorizes-linux-cyberattack-disrupts-water-cyber-incidents-surge%2F&title=Malware%20terrorizes%20Linux%2C%20Cyberattack%20disrupts%20water%2C%20Cyber%20incidents%20surge "Share on Reddit") [ ](mailto:?subject=Malware%20terrorizes%20Linux%2C%20Cyberattack%20disrupts%20water%2C%20Cyber%20incidents%20surge&body=Check out this article: undefined%2Fblog%2Fmalware-terrorizes-linux-cyberattack-disrupts-water-cyber-incidents-surge%2F "Share via Email")
> From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, General Manager of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf - and whether they’re doing it correctly.
\_According to the [FBI’s 2022 Internet Crime Report (IC3)](https://www.ic3.gov/Media/PDF/AnnualReport/2022IC3Report.pdf), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report
Malware Terrorizes Linux, Cyberattack Disrupts Water, Cyber Incidents Surge
```
```
/
```
```
RSS Feed
```
Share
Link
Embed
```
/\*! This file is auto-generated \*/ ’ title=“Embed Code” class=“input-embed input-embed-16655” readonly/>
```
```
Another week, another dose of cyber news!
Hello people! We are back again with our weekly **cyber news bulletin**. This time, we will discuss a massive [malware attack](https://thehackernews.com/2024/09/n-korean-hackers-deploy-new-klogexe-and.html) on Linux servers. Also, the disruption of the US water supply because of a cyberattack is a matter of concern. Lastly, our focus will be on the sudden spike in cyberattacks across the Middle East region.
The purpose of this weekly bulletin is to educate you about the \*\*latest trends around [cybersecurity](https://dmarcreport.com/blog/how-to-educate-or-train-employees-on-cybersecurity/) and spread awareness about highly sophisticated scams and attacks .
Without much ado, let’s get started!
## Mysterious malware dropper terrorizes millions of Linux servers across the globe!
Millions of Linux servers worldwide are on the radar of this mysterious malware known as Perfctl. So far, the malware dropper has infected over thousands of [Linux users with proxyjacking](https://cybersecuritynews.com/proxyjacking-campaign-attack-ssh-servers/) and [cryptomining malware](https://www.csoonline.com/article/3520721/new-cryptomining-campaign-infects-weblogic-servers-with-hadooken-malware.html). A recent analysis has exposed Perfctl and its collection of humongous exploit paths that it leverages to attack its targets. News of [Linux server attacks](https://www.darkreading.com/application-security/hackers-proxyjack-and-cryptomine-selenium-grid-servers) is coming from **all around the world**, Russia, the USA, Indonesia, Germany, Spain, Korea, and China.
There are \*\*forum posts and blogs all over the internet talking about this attack, and they have been published for the last 3 or 4 years. _This article focuses on how ‘killing Perfctl seems nearly impossible because the malware seems extremely persistent in nature_.
Perfctl keeps an eye on \*\*misconfigurations and vulnerabilities so that it can exploit and acquire initial access. It is literally impossible to keep your [Linux server](https://www.techopedia.com/definition/4888/linux-server) safe from Perfctl at this moment.
Experts believe that the possibility of Linux server misconfiguration by **Perfectl is massive**.
Linux users must take immediate remedial steps to safeguard their \*\*data and devices from [Perfectl attacks](https://www.securityweek.com/stealthy-perfctl-malware-infects-thousands-of-linux-servers/). Here are a couple of expert tips you can keep in mind to prevent such malware attacks:
- Implementation of **stringent privilege management** \- Restricting file execution
- Disabling services that are no longer in use
- Deployment of runtime protection
- [Network segmentation](https://www.geeksforgeeks.org/what-is-network-segmentation/)
## USA water supply disrupted after a cyberattack!
USA’s largest publicly traded **water utility service**s, American Water, was required to take their operations offline briefly on Tuesday morning. People were not able to access its \*\*telecommunications system and website for a long time. The reason behind this radio silence is a [cyberattack](https://www.usatoday.com/story/news/nation/2024/10/08/american-water-works-utility-cyberattack/75579275007/) that forced the company to disconnect its online systems.
American Water is a reputed name across the USA as it caters to over \*\*14 million users across 18 [military installations](https://en.wikipedia.org/wiki/List%5Fof%5FAmerican%5Fmilitary%5Finstallations) and 14 states. There are more than 6500 employees who work at the **American Water facilities**. On Tuesday morning, the water supply giant realized that there had been an “[unauthorized activity](https://www.reuters.com/technology/cybersecurity/home-security-firm-adt-inc-reports-unauthorized-activity-its-network-2024-10-07/) within its computer networks and systems.” Immediately, American Water got in touch with the US Securities and Exchange Commission and reported the cyber incident in a [Form 8-K filing](https://www.sec.gov/Archives/edgar/data/1410636/000119312524233300/d869346d8k.htm).
American Water was quick to take remedial steps and took no time to activate the incident-response protocols. It also got in touch with [third-party](https://www.investopedia.com/terms/t/third-party.asp) \*\*cybersecurity experts to minimize the impact of the attack. _As a result, the public water utility company disconnected and deactivated some of its systems in order to protect its data_.
Allegedly, the cyberattack has affected the \*\*customer-facing sites and [customer portals](https://www.zendesk.com/in/blog/what-is-a-customer-portal/) of the American Water. _An attendant shared that the telecommunications system was also down, and as a result, it was impossible for American Water to get in touch with its media relations team_.
There is no clarity on whether or not the \*\*wastewater or water facilities were impacted by the cyberattack.
## Steep rise in cyber incidents across the Middle East and Turkey!
The **United Arab Emirates**, Saudi Arabia and Turkey experienced [10 plus attacks on average](https://www.darkreading.com/cyber-risk/mideast-turkey-cyber-threats-spike-defense-changes) in the past year. IT experts and \*\*business professionals believe that 2025 is going to be worse in terms of cyber incidents.
In a survey that covered around 1000 [security professionals](https://www.linkedin.com/advice/1/what-does-security-professional-do-skills-information-security-8trnf), only 46% felt \*\*safe and prepared against future cyberattacks. With the rise in volume and frequency of cyberattacks in the Middle East, the cybersecurity landscape is getting more intricate and complicated.
Cyber incidents are becoming the **new normal in this region**. [DDoS attacks](https://www.aljazeera.com/news/2024/8/13/whats-ddos-the-cyberattack-musk-claims-disrupted-trumps-interview) have witnessed a hike of [70% ](https://www.darkreading.com/cyberattacks-data-breaches/uae-saudi-arabia-cyberattack-targets)in the UAE and Saudi Arabia .
Businesses and organizations in \*\*Turkey and the Middle East are planning to increase their [cybersecurity budget](https://federalnewsnetwork.com/budget/2024/03/biden-budget-request-includes-13b-for-cybersecurity-continuing-upward-trend/). With this, they aim to simplify and uncomplicate the **cybersecurity landscape**. Irrespective of all the prep-ups, many feel that they are not prepared enough to combat the attack.
_According to experts, industries like finance, IT, and service-based businesses are the primary targets of cyber attackers_. Media and telecom, as well as the **gaming sector too**, are on the rade of [threat actors](https://cybersecuritynews.com/facebook-account-hijack-malware/).
At present, the requirement is to fortify the current cybersecurity mechanism\*\*, and train more and more people and prepare them for **potential cyberattacks**. To enhance [email security](https://dmarcreport.com/blog/why-email-security-matters-and-how-to-get-it-right/) and prevent [phishing attacks](https://www.bleepingcomputer.com/news/security/fbi-warns-of-massive-wave-of-road-toll-sms-phishing-attacks/) in the face of rising [cyber threats](https://www.infosecurity-magazine.com/news/us-intelligence-predicts-cyber/), organizations must implement [SPF](https://dmarcreport.com/what-is-spf/), [DKIM](https://dmarcreport.com/what-is-dkim/), and [DMARC](https://dmarcreport.com/) protocols to ensure the authenticity of their communications.
## Topics
[ dkim ](/tags/dkim/)[ DMARC ](/tags/dmarc/)[ email security ](/tags/email-security/)[ News ](/tags/news/)[ SPF ](/tags/spf/)
[ Vasile Diaconu ](/authors/vasile-diaconu/)
Operations Lead
Operations Lead at DuoCircle. Runs project management, developer coordination, and technical support execution for DMARC Report.
[LinkedIn Profile →](https://www.linkedin.com/in/vasile-diaconu/)
## Take control of your DMARC reports
Turn raw XML into actionable dashboards. Start free - no credit card required.
[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/)
## Related Articles
[ Foundational 4m Akira flaunts victims, Idaho targets orthodontist, AI granny protects Nov 22, 2024 ](/blog/akira-flaunts-victims-idaho-targets-orthodontist-ai-granny-protects/)[ Foundational 4m Ambient Light Spying, Cybersecurity Prices Drop, Euro 2024 Threats Jul 10, 2024 ](/blog/ambient-light-spying-cybersecurity-prices-drop-euro-2024-threats/)[ Foundational 4m Banks Drop OTPs, Major Cyber Heist, Spying Spouses Arrested Jul 18, 2024 ](/blog/banks-drop-otps-major-cyber-heist-spying-spouses-arrested/)[ Foundational 4m Car Cameras Hackable, UK Water Breach, Thailand Frees Captives Feb 28, 2025 ](/blog/car-cameras-hackable-uk-water-breach-thailand-frees-captives/)
```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```
```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```
```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Malware terrorizes Linux, Cyberattack disrupts water, Cyber incidents surge","description":"Malware terrorizes Linux, Cyberattack disrupts water, Cyber incidents surge from DMARC Report explains practical steps for email authentication, domain.","url":"https://dmarcreport.com/blog/malware-terrorizes-linux-cyberattack-disrupts-water-cyber-incidents-surge/","datePublished":"2024-10-11T06:51:16.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2024-10-11T06:51:16.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/vasile-diaconu/#person","name":"Vasile Diaconu","url":"https://dmarcreport.com/authors/vasile-diaconu/","jobTitle":"Operations Lead","description":"Vasile Diaconu is the Operations Lead at DuoCircle, the company behind DMARC Report and AutoSPF. He coordinates between engineering, product, and technical support - running project management, interfacing with developers on customer-reported issues, and making sure work that comes in through the support channel actually gets closed out. Vasile sits at the intersection of customer feedback and engineering execution, giving him a direct view of which email authentication problems customers hit most often in production.","image":"https://media.mailhop.org/dmarcreport/images/team/vasile-diaconu.jpg","knowsAbout":["SaaS Operations","Technical Support Coordination","Customer Issue Resolution","Engineering Program Management","Deployment Operations"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/vasile-diaconu/"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/malware-terrorizes-linux-cyberattack-disrupts-water-cyber-incidents-surge/"},"articleSection":"foundational","keywords":"dkim, DMARC, email security, News, SPF","wordCount":1132,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"Malware terrorizes Linux, Cyberattack disrupts water, Cyber incidents surge","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```
```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"Malware terrorizes Linux, Cyberattack disrupts water, Cyber incidents surge","item":"https://dmarcreport.com/blog/malware-terrorizes-linux-cyberattack-disrupts-water-cyber-incidents-surge/"}]}
```