One Article Review
| Source |  CSO |
|---|---|
| Identifiant | 5167212 |
| Date de publication | 2022-06-15 08:43:00 (vue: 2022-06-15 16:05:13) |
| Titre | New peer-to-peer botnet Panchan hijacks Linux servers |
| Texte | Researchers warn of a new worm that's infecting Linux servers by brute-forcing and stealing SSH credentials. The hijacked servers are joined in a botnet and are used to mine cryptocurrency by loading mining programs directly in memory with no files on disk.Dubbed Panchan by researchers from Akamai, the malware is written in the Go programming language, which allows it to be platform independent. It first appeared in late March and has infected servers in all regions of the world since then, though Asia does seem to have a bigger concentration. The most impacted vertical seems to be education."This might be due to poor password hygiene, or it could be related to the malware's unique lateral movement capability with stolen SSH keys," the Akamai team said in a blog post. "Researchers in different academic institutions might collaborate more frequently, and require credentials to authenticate to machines that are outside of their organization/network, than employees in the business sector. To strengthen that hypothesis, we saw that some of the universities involved were from the same country - Spain, or others from the same region, like Taiwan and Hong Kong."To read this article in full, please click here |
| Envoyé | Oui |
| Condensat | academic akamai all allows appeared are article asia authenticate bigger blog botnet brute business capability click collaborate concentration could country credentials cryptocurrency different directly disk does dubbed due education employees files first forcing frequently from full has have here hijacked hijacks hong hygiene hypothesis impacted independent infected infecting institutions involved joined keys kong language late lateral like linux loading machines malware march memory might mine mining more most movement new organization/network others outside panchan password peer platform please poor post programming programs read region regions related require researchers said same saw sector seem seems servers since some spain ssh stealing stolen strengthen taiwan team than that then though unique universities used vertical warn which world worm written |
| Tags | Malware |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.