Mastodawn

Find out about a new botnet attacking Linux systems
https://www.linux-magazine.com/Online/News/New-Linux-Botnet-Discovered?utm_source=mlm
#Linux #SSHStalker #botnet #security #IRC #DDoS #Attack

Yaniv Klein

Feb 23

My main server is receiving like 10 times the SSH brute-force attempts in the last few days. Is this #SSHStalker ? Dear god it’s annoying AF.

Teddy / Domingo (🇨🇵/🇬🇧)Feb 14

Le #botnet SSHStalker compromet 7 000 #serveurs #Linux
Baptisé #SSHStalker par des experts de Flare Systems (société canadienne de #cybersécurité), le botnet enrôle des (...)
https://www.lemondeinformatique.fr/actualites/lire-le-botnet-sshstalker-compromet-7-000-serveurs-linux-99353.html

Le botnet SSHStalker compromet 7 000 serveurs Linux - Le Monde Informatique

Selon des chercheurs, un botnet cible particulièrement les serveurs Linux dont l'authentification SSH est faible. Par force brute, il a réussi à...

LeMondeInformatique

The New Oil Feb 11

New #Linux #botnet #SSHStalker uses old-school #IRC for C2 comms

https://www.bleepingcomputer.com/news/security/new-linux-botnet-sshstalker-uses-old-school-irc-for-c2-comms/

#cybersecurity

New Linux botnet SSHStalker uses old-school IRC for C2 comms

A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations.

BleepingComputer

The Threat Codex Feb 11

Old-School IRC, New Victims: Inside the Newly Discovered SSHStalker Linux Botnet
#SSHStalker
https://flare.io/learn/resources/blog/old-school-irc-new-victims-inside-the-newly-discovered-sshstalker-linux-botnet

Old-School IRC, New Victims: Inside the Newly Discovered SSHStalker Linux Botnet - Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime

Flare’s research team has uncovered a previously undocumented Linux botnet operation we’re calling SSHStalker. To the best of our knowledge, no other research team has reported on this threat actor. Our SSH honeypot captured multiple attacks over two months, revealing a sophisticated operation that blends 2009-era Internet Relay Chat (IRC) botnet tactics with modern mass-compromise […]

Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime

securityaffairs Feb 11

#SSHStalker #botnet targets Linux servers with legacy exploits and SSH scanning
https://securityaffairs.com/187833/malware/sshstalker-botnet-targets-linux-servers-with-legacy-exploits-and-ssh-scanning.html
#securityaffairs #hacking #malware

SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning

A new Linux botnet, SSHStalker, has infected about 7,000 systems using old 2009-era exploits, IRC bots, and mass-scanning malware.

Security Affairs

Will

Feb 10

#SSHStalker new #Linux #Cyberthreat deploys scanners, malware, an IRC bot, and kernel exploits through a mass-compromise pipeline targeting Linux servers. #Linux admins enforce strong SSH passwords, apply patches, and restrict access through firewall policies.

https://www.securityweek.com/new-sshstalker-linux-botnet-uses-old-techniques/

New 'SSHStalker' Linux Botnet Uses Old Techniques

The SSHStalker Linux botnet has ensnared 7,000 systems, deploying various scanners and malware, an IRC bot, and multiple kernel exploits.

SecurityWeek