SecurityWeek

New ‘SSHStalker’ Linux Botnet Uses Old Techniques

The SSHStalker Linux botnet has ensnared 7,000 systems, deploying various scanners and malware, an IRC bot, and multiple kernel exploits.
HHS

DreamBus Botnet Targets Linux Systems

Zscaler's ThreatLabz research team is tracking a new botnet dubbed DreamBus that’s installing the XMRig cryptominer on powerful enterprise-class Linux and Unix systems with the goal of using their ...

New Linux botnet SSHStalker uses old-school IRC for C2 comms

A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations.
The Hacker News

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.
Network World

SSHStalker botnet brute-forces its way onto 7,000 Linux machines

A newly discovered botnet is compromising poorly-protected Linux servers by brute-forcing weak SSH password login authentication. Researchers at Canada-based Flare Systems, who discovered the botnet, ...
ZDNet

DreamBus botnet targets enterprise apps running on Linux servers

Chances are that if you deploy a Linux server online these days and you leave even the tiniest weakness exposed, a cybercrime group will ensnare it as part of its botnet. The latest of these threats ...