#sshstalker

[ follow ]
#irc-c2 #ssh-scanningworm #legacy-linux-exploits #forensic-evasion #linux-botnet #kernel-exploits
Information security
fromThe Hacker News
3 days ago

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

SSHStalker is an IRC-controlled botnet that uses SSH scanning and legacy Linux exploits to persistently compromise and stealthily retain access to forgotten systems.
fromSecurityWeek
3 days ago

New 'SSHStalker' Linux Botnet Uses Old Techniques

A newly identified Linux botnet is relying on decade-and-a-half-old exploits and techniques, cybersecurity company Flare reports. Dubbed SSHStalker, the botnet uses multiple 2009-era tools and mechanics, including an Internet Relay Chat (IRC) bot and 19 Linux kernel exploits. According to Flare, the botnet is rather noisy, executing a cron job every minute for persistence and using a watchdog 'update' relaunch model, and deploying various scanners and malware on the infected machines.
Information security
[ Load more ]