Security News > 2022 > February > FritzFrog botnet grows 10x, hits healthcare, edu, and govt systems
The FritzFrog botnet that's been active for more than two years has resurfaced with an alarming infection rate, growing ten times in just a month of hitting healthcare, education, and government systems with an exposed SSH server.
Researchers at internet security company Akamai spotted a new version of the FritzFrog malware, which comes with interesting new functions, like using the Tor proxy chain.
Akamai calls FritzFrog a "Next-generation" botnet because it combines features that make it stand out from other threats in the same category.
FritzFrog is constantly updating the list of targets and breached machines are constantly updated and its node distribution system ensures an equal number of targets to each node to keep the botnet balanced.
Another novelty in the latest FritzFrog sample is proxying outgoing SSH connections through Tor, obscuring the network structure and limiting the visibility from infected nodes to the botnet network.
FritzFrog targets any device that exposes an SSH server, so admins of data center servers, cloud instances, and routers need to stay vigilant.