Python-Based Botnet Targets Linux Systems With Exposed SSH Ports

Experts believe that an experienced cybercrime group has created a botnet from compromised Linux-based systems and is using these servers and devices to mine Monero, a digital currency.

Crooks are apparently using brute-force attacks against Linux systems that feature exposed SSH ports. If they guess the password, they use Python scripts to install a Monero miner.

According to experts from F5 Networks, attackers have also started using an exploit for the JBoss server (CVE-2017-12149) to break into vulnerable computers, but the SSH attacks and brute-force attacks represent this new botnet’s bread and butter.

The attack is unique when compared to other Monero-mining botnets that have arisen in recent months, relying on Python scripts, rather than on malware binaries.


error: Content is protected !!