Microsoft Reveals Massive Surge in XorDdos Attacks on Linux Devices

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

XorDdos, a stealthy distributed denial-of-service (DDoS) malware targeting Linux devices, has seen a massive 254% increase in activity during the last six months, Microsoft revealed in a report.

The malware launches automated password-guessing attacks across thousands of Linux servers to find identical admin credentials used on Secure Shell (SSH) servers. SSH is a secure network communications protocol commonly used for remote system administration.

Once XorDdos identifies valid SSH credentials, it uses root privileges to run a script that downloads and installs XorDdos on the target device. It also employs XOR-based encryption to communicate with the attacker’s command and control infrastructure. 

The malware enables adversaries to create potentially significant disruptions on target systems and is used to bring in other dangerous threats or to provide a vector for follow-on activities. Microsoft found that devices first infected with XorDdos were later infected with additional malware such as the Tsunami backdoor, which further deploys the XMRig coin m

Content was cut in order to protect the source. Please visit the source for the rest of the article.