"CRYSTALRAY Hacker Expands to 1,500 Breached Systems Using SSH-Snake Tool"
According to researchers at Sysdig, the new threat actor called "CRYSTALRAY" now has over 1,500 victims. The threat actor has stolen credentials and deployed cryptocurrency miners. In February, Sysdig researchers first reported the actor's use of the "SSH-Snake" open source worm to spread laterally on breached networks. SSH-Snake steals SSH private keys from compromised servers and then uses them to move laterally to other servers while dropping additional payloads. This article continues to discuss recent findings regarding the CRYSTALRAY threat actor.
BleepingComputer reports "CRYSTALRAY Hacker Expands to 1,500 Breached Systems Using SSH-Snake Tool"
Submitted by grigby1
Submitted by Gregory Rigby
on