all InfoSec news
Threat Actors Installing Linux Backdoor Accounts
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab SEcurity intelligence Center (ASEC) is using a Linux SSH honeypot to monitor attacks against unspecified Linux systems. Threat actors install malware by launching brute force and dictionary attacks against Linux systems that are poorly managed, such as using default settings or having a simple password.
While there is a variety of attack cases including those where worms, CoinMiners, and DDoS bots are installed, this post will cover attack cases where backdoor accounts are created instead of malware. Such attacks …
accounts ahnlab asec attack attacks backdoor brute cases center default default settings dictionary attacks honeypot install intelligence linux linux systems malware malware analysis managed monitor password security security intelligence settings simple ssh systems threat threat actors