"Hackers Take Aim at SSH Keys in New Attacks"
Hackers have intensified their scanning of servers hosting WordPress websites in order to gather SSH private keys. Upon further investigation after a customer reported scans being performed on their live traffic for SSH private keys, it has been discovered that 25,000 scans were being carried out each day. Hackers could use stolen SSH private keys to access servers or systems of which the private keys are used for authentication. In the search for private SSH keys, adversaries use certain terms to find web directories that have stored SSH private keys. This article further discusses the increased targeting of SSH private keys, how hackers are scanning for SSH private keys, the inadequacy of SSH security practices followed by businesses, and how the exposure of SSH keys poses a threat to organizations.
Threatpost reports "Hackers Take Aim at SSH Keys in New Attacks"