"FritzFrog Botnet Exploits Log4Shell, PwnKit Vulnerabilities"

The FritzFrog cryptocurrency mining botnet is growing as a recently analyzed variant exploits the Log4Shell and PwnKit vulnerabilities for lateral movement and privilege escalation. The FritzFrog botnet, discovered in August 2020, is a Peer-to-Peer (P2P) botnet run by Golang-based malware. It targets SSH servers by brute-forcing login credentials and has successfully compromised thousands of them. According to the Akamai Security Intelligence Group (SIG), each compromised host joins FritzFrog's network, communicating with its infected peers to share information, payloads, and configuration. This article continues to discuss the new capabilities of the FritzFrog botnet and defensive measures. 

Help Net Security reports "FritzFrog Botnet Exploits Log4Shell, PwnKit Vulnerabilities"

Submitted by grigby1