The Hacker News

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.

New Linux botnet SSHStalker uses old-school IRC for C2 comms

A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations.
SecurityWeek

New ‘SSHStalker’ Linux Botnet Uses Old Techniques

The SSHStalker Linux botnet has ensnared 7,000 systems, deploying various scanners and malware, an IRC bot, and multiple kernel exploits.

Patch now - this new botnet is targeting HPR OneView vulnerabilities

The critical flaw represents real-world risk ...
Cybernews

Major malware adds Linux variant, thousands of hosting servers infected

A newly discovered Linux variant of the SystemBC remote access trojan has infected over 10,000 hosting servers globally.
Dark Reading

400K Linux Servers Recruited by Resurrected Ebury Botnet

A Linux-based botnet is alive and well, powering cryptocurrency theft and financial scams years after the imprisonment of one the key perpetrators behind it. The Ebury botnet — which was first ...
Bleeping Computer

Ebury botnet malware infected 400,000 Linux servers since 2009

A malware botnet known as 'Ebury' has infected almost 400,000 Linux servers since 2009, with roughly 100,000 still compromised as of late 2023. ESET researchers have been following the financially ...
SiliconANGLE

Botnets leverage decade-old D-Link vulnerabilities in new attack campaigns

A new report out today from Fortinet Inc.’s FortiGuard Labs details the activities of two different botnets observed through October and November that are being spread through vulnerabilities in ...