Security News > 2023 > June > New proxyjacking attacks monetize hacked SSH servers’ bandwidth
Attackers behind an ongoing series of proxyjacking attacks are hacking into vulnerable SSH servers exposed online to monetize them through proxyware services that pay for sharing unused Internet bandwidth.
Like cryptojacking, which allows attackers to use hacked systems to mine for cryptocurrency, proxyjacking is a low-effort and high-reward tactic of leeching compromised devices' resources.
Proxyjacking is harder to detect because it only leeches on hacked systems' unused bandwidth and doesn't impact their overall stability and usability.
Akamai first spotted the attacks on June 8 after multiple SSH connections were made to honeypots managed by the company's Security Intelligence Response Team.
Once connected to one of the vulnerable SSH servers, the attackers deployed a Base64-encoded Bash script that added the hacked systems to Honeygain's or Peer2Profit's proxy networks.
Hackers infect Linux SSH servers with Tsunami botnet malware.
News URL
Related news
- Crafting Shields: Defending Minecraft Servers Against DDoS Attacks (source)
- 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns (source)
- New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks (source)
- New HTTP/2 DoS attack can crash web servers with a single connection (source)
- Roku warns 576,000 accounts hacked in new credential stuffing attacks (source)
- Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack (source)
- Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services (source)