A network of hijacked Linux servers is apparently being used to distribute malicious software to Windows PCs. This new tactic was discovered when links to malware posted in China were replaced by dynamic DNS names from DynDNS.com and No-IP.com. The comprised systems all have one thing in common: the light weight web server nginx is running and serving content through port 8080. Otherwise, these systems are inconspicuous and appear to operate quite normally. Read the full story [The H Security].
Source: https://threatpost.com/linux-botnet-discovered-091409/72293/