Security News > 2023 > October > ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers
2023-10-12 11:27
The threat actors behind ShellBot are leveraging IP addresses transformed into its hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware. "The overall flow remains the same, but the download URL used by the threat actor to install ShellBot has changed from a regular IP address to a hexadecimal value," the AhnLab Security Emergency response Center (ASEC)
News URL
https://thehackernews.com/2023/10/shellbot-uses-hex-ips-to-evade.html
Related news
- Crafting Shields: Defending Minecraft Servers Against DDoS Attacks (source)
- 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns (source)
- Linux Version of DinodasRAT Spotted in Cyber Attacks Across Several Countries (source)
- Malicious SSH backdoor sneaks into xz, Linux world's data compression library (source)
- DinodasRAT malware targets Linux servers in espionage campaign (source)
- New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks (source)
- New HTTP/2 DoS attack can crash web servers with a single connection (source)
- XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor (source)
- New Spectre v2 attack impacts Linux systems on Intel CPUs (source)
- Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack (source)