SSH
Researchers discover SSHStalker botnet infecting Linux servers
Reported by AI Image generated by AI
Flare researchers have identified a new Linux botnet called SSHStalker that has compromised around 7,000 systems using outdated exploits and SSH scanning. The botnet employs IRC for command-and-control while maintaining dormant persistence without immediate malicious activities like DDoS or cryptomining. It targets legacy Linux kernels, highlighting risks in neglected infrastructure.
Pangolin, an open-source remote access platform, has issued version 1.16, introducing an SSH authentication daemon and other enhancements. The update integrates SSH access with the platform's identity system, using certificate-based authentication. It also improves resource visibility and adds server-side data processing features.