• This new Linux malware floods machines with cryptominers and DDoS

    From TechnologyDaily@1337:1/100 to All on Fri Jan 6 22:00:03 2023
    This new Linux malware floods machines with cryptominers and DDoS bots

    Date:
    Fri, 06 Jan 2023 21:52:43 +0000

    Description:
    Linux machines targeted with XMRig malware and being turned into DDoS bots.

    FULL STORY ======================================================================

    Cybersecurity researchers have spotted a new Linux malware downloader that targets poorly defended Linux servers with cryptocurrency miners and DDoS IRC bots.

    Researchers from ASEC discovered the attack after the Shell Script Compiler (SHC) used to create the downloader was uploaded to VirusTotal. Apparently, Korean users were the ones uploading the SHC, and it's Korean users who are targets, as well.

    Further analysis has shown that the threat actors are going after poorly defended Linux servers, brute-forcing their way into administrator accounts over SSH.

    Mining Monero

    Once they make their way in, they'll either install a cryptocurrency miner, or a DDoS IRC bot. The miner being deployed is XMRig, arguably the most popular cryptocurrency miner among hackers. It uses the computing power of a victim's endpoints to generate Monero, a privacy-oriented cryptocurrency whose transactions are seemingly impossible to track, and whose users are allegedly impossible to identify.

    For the DDoS IRC bot, the threat actors can use it to run commands such as
    TCP Flood, UDP Flood, or HTTP Flood. They can run port scanning, Nmap scanning, kill various processes, clean up the logs, and more.

    "Because of this, administrators should use passwords that are difficult to guess for their accounts and change them periodically to protect the Linux server from brute force attacks and dictionary attacks, and update to the latest patch to prevent vulnerability attacks," ASEC said in its report.

    "Administrators should also use security programs such as firewalls for servers accessible from outside to restrict access by attackers."
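
    The SSH brute-force and dictionary attacks described above leave a recognisable trail in the sshd authentication log. As an added example (not from ASEC's report or the original article), this Python script flags source addresses with repeated failed password logins and marks any account later logged into from the same address; the function name, threshold and sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Standard OpenSSH sshd syslog messages for password authentication.
LINE_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def find_bruteforce(lines, threshold=5):
    """Return findings for source IPs with >= threshold failed logins.

    Each finding lists the failure count, the accounts tried, and any
    account logged into from that IP after the threshold was crossed
    ("compromised"): the case that needs incident response, not just a block.
    """
    failures = defaultdict(int)
    users = defaultdict(set)
    accepted_after = defaultdict(set)
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue
        ip, user = m["ip"], m["user"]
        if m["result"] == "Failed":
            failures[ip] += 1
            users[ip].add(user)
        elif failures[ip] >= threshold:
            # A success is only suspicious once this IP has crossed the threshold.
            accepted_after[ip].add(user)
    return {
        ip: {"failures": n, "users_tried": sorted(users[ip]),
             "compromised": sorted(accepted_after[ip])}
        for ip, n in failures.items() if n >= threshold
    }

# Constructed sample log using documentation IP ranges (assumption, not real data).
SAMPLE_LOG = """\
Jan  6 21:40:01 srv1 sshd[1201]: Failed password for root from 203.0.113.7 port 51234 ssh2
Jan  6 21:40:02 srv1 sshd[1202]: Failed password for root from 203.0.113.7 port 51235 ssh2
Jan  6 21:40:03 srv1 sshd[1203]: Failed password for invalid user admin from 203.0.113.7 port 51236 ssh2
Jan  6 21:40:04 srv1 sshd[1204]: Failed password for root from 203.0.113.7 port 51237 ssh2
Jan  6 21:40:05 srv1 sshd[1205]: Failed password for invalid user admin from 203.0.113.7 port 51238 ssh2
Jan  6 21:40:30 srv1 sshd[1210]: Failed password for alice from 198.51.100.20 port 40100 ssh2
Jan  6 21:40:41 srv1 sshd[1211]: Accepted password for alice from 198.51.100.20 port 40101 ssh2
Jan  6 21:41:10 srv1 sshd[1250]: Accepted password for root from 203.0.113.7 port 51300 ssh2
""".splitlines()

if __name__ == "__main__":
    print(find_bruteforce(SAMPLE_LOG))
```

    A single mistyped password followed by a successful login (alice in the sample) stays below the threshold and is not reported.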

    Linux systems are being constantly bombarded with malicious deployments, most often ransomware and cryptojacking.

    A VMware report from February 2022 said the continued success of Linux services in the digital infrastructure and cloud industries, as well as the fact that most anti-malware and cybersecurity solutions are focused on protecting Windows-based devices, put Linux on thin ice.

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/this-new-linux-malware-floods-machines-with-cryptominers-and-ddos-bots


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)