New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers

MuzzMelbourne

MuzzMelbourne

Level 15
Thread author
Verified
Top Poster
Well-known
Mar 13, 2022
599
Content source
https://thehackernews.com/2023/03/new-shellbot-ddos-malware-targeting.html
Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of a malware called ShellBot.

"ShellBot, also known as PerlBot, is a DDoS Bot malware developed in Perl and characteristically uses IRC protocol to communicate with the C&C server," AhnLab Security Emergency response Center (ASEC) said in a report.

ShellBot is installed on servers that have weak credentials, but only after threat actors make use of scanner malware to identify systems that have SSH port 22 open.

A list of known SSH credentials is used to initiate a dictionary attack to breach the server and deploy the payload, after which it uses the Internet Relay Chat (IRC) protocol to communicate with a remote server.
Click to expand...
thehackernews.com

New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers

Linux SSH servers with poor management targeted by new ShellBot malware campaign.
thehackernews.com thehackernews.com
 
  • Like
  • +Reputation
  • Thanks
Reactions: upnorth, silversurfer, [correlate] and 1 other person
MuzzMelbourne

MuzzMelbourne

Level 15
Thread author
Verified
Top Poster
Well-known
Mar 13, 2022
599
securityaffairs.com

New Tsunami botnet targets Linux SSH servers

Researchers warn of an ongoing Tsunami DDoS botnet campaign targeting inadequately protected Linux SSH servers.
securityaffairs.com securityaffairs.com

www.bleepingcomputer.com

Hackers infect Linux SSH servers with Tsunami botnet malware

An unknown threat actor is brute-forcing Linux SSH servers to install a wide range of malware, including the Tsunami DDoS (distributed denial of service) bot, ShellBot, log cleaners, privilege escalation tools, and an XMRig (Monero) coin miner.
www.bleepingcomputer.com www.bleepingcomputer.com
 
Last edited:
  • Like
Reactions: upnorth
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
    • Applause
New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner
Replies
0
Views
763
News Archive
silversurfer
silversurfer
[correlate]
    • Like
Security News Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining
Replies
0
Views
917
Security News
[correlate]
[correlate]
Orchid
    • Like
New Mirai malware variant infects Linux devices to build DDoS botnet
Replies
5
Views
791
News Archive
MuzzMelbourne
MuzzMelbourne

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top