FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities

The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and privilege escalation. The FritzFrog botnet The FritzFrog botnet, initially identified in August 2020, is a peer-to-peer (rather than centrally-controlled) botnet powered by malware written in Golang. It targets SSH servers by brute-forcing login credentials, and has managed to compromise thousands of them worldwide. “Each compromised host … More →

The post …

akamai august bot botnet cryptomining cve cve-2021-4034 cve-2021-44228 don't miss escalation exploit exploiting exploits fritzfrog growth hot stuff lateral movement linux log4j log4shell malware peer-to-peer privilege privilege escalation pwnkit vulnerabilities vulnerability written