A new campaign targeting Linux systems and IoT devices uses a backdoor to mine cryptocurrency.
The campaign also installs a patched version of OpenSSH on affected devices, allowing threat actors to hijack SSH credentials, move laterally within the network, and conceal malicious SSH connections.
According to the company’s research, a significant part of the reason for its popularity among threat actors lies in the security flaws of IoT devices.
These remote code execution vulnerabilities have a combination of low complexity and high impact, making them an irresistible target for threat actors.
In this latest campaign, misconfigured Linux hosts are brute-forced to gain initial access, after which the threat actors disable shell history and fetch a trojanized version of OpenSSH from a remote server.
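A defender-side check for the initial-access step described above, as an added example that is not part of the original article: it scans sshd authentication log lines for a password login accepted from an address that had a run of failed attempts before it. The log lines are constructed samples in the common OpenSSH syslog format, and the function name and threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample sshd log lines (not from the campaign); IPs are documentation ranges.
SAMPLE_LOG = """\
Jun 20 03:11:01 host sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
Jun 20 03:11:03 host sshd[813]: Failed password for invalid user admin from 203.0.113.7 port 40120 ssh2
Jun 20 03:11:05 host sshd[815]: Failed password for root from 203.0.113.7 port 40131 ssh2
Jun 20 03:11:06 host sshd[817]: Failed password for invalid user pi from 203.0.113.7 port 40140 ssh2
Jun 20 03:11:09 host sshd[819]: Accepted password for root from 203.0.113.7 port 40155 ssh2
Jun 20 08:30:12 host sshd[990]: Failed password for alice from 198.51.100.20 port 51000 ssh2
Jun 20 08:30:20 host sshd[992]: Accepted password for alice from 198.51.100.20 port 51004 ssh2
Jun 20 09:00:00 host sshd[1001]: Accepted publickey for deploy from 192.0.2.10 port 52000 ssh2
"""

# Matches the "Failed/Accepted <method> for [invalid user] <user> from <ip>" sshd messages.
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def find_bruteforce_successes(log_text, threshold=4):
    """Return (ip, user, failures) for each password login accepted from an IP
    that had at least `threshold` failed attempts before it.
    Simplification: failures are counted per IP with no time window."""
    failures = defaultdict(int)
    hits = []
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue
        ip = m["ip"]
        if m["result"] == "Failed":
            failures[ip] += 1
        elif m["method"] == "password":
            if failures[ip] >= threshold:
                hits.append((ip, m["user"], failures[ip]))
            failures[ip] = 0  # start counting again after a successful login
    return hits

if __name__ == "__main__":
    for ip, user, count in find_bruteforce_successes(SAMPLE_LOG):
        print(f"possible brute-force success: {user}@{ip} after {count} failures")
```

A hit from this check is a reason to inspect the host further, including whether the installed OpenSSH binaries still match the versions shipped by the distribution.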