"Experts Analyzed Attacks Against Poorly Managed Linux SSH Servers"

AhnLab Security Emergency Response Center (ASEC) researchers are warning about attacks on poorly managed Linux SSH servers in which Distributed Denial-of-Service (DDoS) bots and CoinMiners are installed. During the reconnaissance phase, threat actors scan IP addresses for servers with the SSH service or port 22 activated, then carry out a brute force or dictionary attack to get the ID and password. They can sell compromised IP addresses and account credentials on the dark web. ShellBot, Tsunami, ChinaZ DDoS Bot, and XMRig CoinMiner are examples of malware commonly used in attacks against poorly managed Linux SSH servers. This article continues to discuss findings regarding the attacks against poorly managed Linux SSH servers.

Security Affairs reports "Experts Analyzed Attacks Against Poorly Managed Linux SSH Servers"

Submitted by grigby1

Submitted by Gregory Rigby on