One Article Review
| Source |  SecurityWeek |
|---|---|
| Identifiant | 547898 |
| Date de publication | 2018-03-28 15:10:02 (vue: 2018-03-28 18:01:20) |
| Titre | GoScanSSH Malware Targets Linux Servers |
| Texte | A recently discovered malware family written using the Golang (Go) programming language is targeting Linux servers and using a different binary for each attack, Talos warns. Dubbed GoScanSSH because it compromises SSH servers exposed to the Internet, the malware's command and control (C&C) infrastructure leverages the Tor2Web proxy service to prevent tracking and takedowns. The malware operators, Talos believes, had a list of more than 7,000 username/password combinations they would use to authenticate to the servers, after which they would create a unique GoScanSSH binary to upload and execute on the server. The actors behind this threat would target weak or default credentials used across a variety of Linux-based devices. Usernames used in the attack include admin, guest, oracle, osmc, pi, root, test, ubnt, ubuntu, and |
| Notes | |
| Envoyé | Oui |
| Condensat | 250 579 active activity ads are arghire arghire:fileless around associated async attack attackers attacks attempts been being best builder c&c changed columns com/js/plusone compromise concludes constant constantly continuously correspondent could createelement credentials crypter crypto cryptocurrency cybercriminals default demonstrate deploying discovered document domains emerges employ ensure environments exploit exposed extensionnew facebook firefox found from function getelementsbytagname google goscanssh had hardened have how https://apis industry insertbefore international internet ionut isolates largest launched leverages links linux malware may mining monitored new news number office organizations other parentnode practices previous prior production protected raspberry related: remain requests researchers risk run script security securityweek seen servers serversjrat service should sponsored src stay systems t46 t47 tags: talos targets text/javascript them these threadkit times total true; tweet type undetected undetectedmozilla var windows: world “these |
| Tags | |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.