• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
new shc based linux malware targeting systems with cryptocurrency miner

New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner

You are here: Home / General Cyber Security News / New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner
January 4, 2023

A new Linux malware made employing the shell script compiler (shc) has been observed deploying a cryptocurrency miner on compromised devices.

“It is presumed that after successful authentication by means of a dictionary attack on inadequately managed Linux SSH servers, numerous malware were put in on the goal technique,” AhnLab Security Unexpected emergency Response Center (ASEC) explained in a report published right now.

Linux malware

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


shc lets shell scripts to be converted directly into binaries, featuring protections in opposition to unauthorized resource code modifications. It is really analogous to the BAT2EXE utility in Windows that is used to convert any batch file to an executable.

In an attack chain specific by the South Korean cybersecurity organization, a successful compromise of the SSH server prospects to the deployment of an shc downloader malware alongside with a Perl-centered DDoS IRC Bot.

The shc downloader subsequently proceeds to fetch the XMRig miner software to mine cryptocurrency, with the IRC bot able of developing connections with a remote server to fetch commands for mounting distributed denial-of-assistance (DDoS) attacks.

Linux malware

“This bot supports not only DDoS attacks these as TCP flood, UDP flood, and HTTP flood, but numerous other functions like command execution, reverse shell, port scanning, and log deletion,” ASEC researchers reported.

The actuality that all the shc downloader artifacts had been uploaded to VirusTotal from South Korea indicates that the campaign is mainly centered on inadequately secured Linux SSH servers in the region.

It’s recommended that users adhere to password hygiene and rotate passwords on a periodic basis to avoid brute-force makes an attempt and dictionary attacks. It truly is also advised to continue to keep the operating devices up-to-day.

Identified this posting interesting? Stick to us on Twitter  and LinkedIn to read extra exclusive information we publish.


Some pieces of this posting are sourced from:
thehackernews.com

Previous Post: «synology releases patch for critical rce vulnerability affecting vpn plus Synology Releases Patch for Critical RCE Vulnerability Affecting VPN Plus Servers
Next Post: NHS is Most Scammed UK Government “Brand” Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Freejacking Campaign By PurpleUrchin Bypasses Captchas
  • ChatGPT Used to Develop New Malicious Tools
  • Dark Web Actors Fight For Drug Trafficking and Illegal Pharmacy Supremacy
  • Kinsing Cryptojacking Hits Kubernetes Clusters via Misconfigured PostgreSQL
  • New Study Uncovers Text-to-SQL Model Vulnerabilities Allowing Data Theft and DoS Attacks
  • UK insurer announces ‘world-first’ cyber catastrophe bond
  • Why Do User Permissions Matter for SaaS Security?
  • FCC plans strict overhaul of 15-year-old US data breach regulations
  • Security updates for Windows 7 finally end, users urged to upgrade
  • Global Cyber-Attack Volume Surges 38% in 2022

Copyright © TheCyberSecurity.News, All Rights Reserved.