"New SHC-Based Linux Malware Targeting Systems With Cryptocurrency Miner"

A new Linux malware created with the Shell Script Compiler (SHC) has been seen deploying a cryptocurrency miner on infected systems. The AhnLab Security Emergency Response Center (ASEC) suspects that following successful authentication through a dictionary attack on poorly managed Linux SSH servers, various malware were deployed on the target system. SHC enables the direct conversion of shell scripts to binaries, protecting against unauthorized source code modifications. It is similar to the Windows BAT2EXE utility, which converts any batch file to an executable. A successful hack of the SSH server, as described by the cybersecurity firm, results in the deployment of a SHC downloader malware and a Perl-based Distributed Denial-of-Service (DDoS) IRC Bot. The SHC downloader fetches the XMRig miner software to mine cryptocurrency, and the IRC bot is able to make connections with a remote server to retrieve commands for launching DDoS attacks. This article continues to discuss researchers' findings regarding the new Linux malware developed using SHC that has been deploying a cryptocurrency miner on compromised systems.

THN reports "New SHC-Based Linux Malware Targeting Systems With Cryptocurrency Miner"