I just discovered that my server is infected with Trojan.Linux.BillGates.G
and is being used to launch DOS attacks.
It surprises me as the server is kept up-to-date (CentOS/Tomcat/CouchDB) as much as possible. My SSH server is only accessible via the public key/private key mechanism, no direct login is permitted.
It appears that this particular trojan is getting widespread recently. I have found several articles about it but none managed to clearly explain via what vulnerabilities the trojan is usually delivered. For instance, another trojan seems to always to laced in malicious packages.
QUESTION: What infection vectors is Trojan.Linux.BillGates known to often be used with?