SSHStalker, a newly uncovered Linux botnet, combines automated SSH brute-forcing with IRC-based control, leveraging old exploits to infect thousands of servers. Its noisy but effective methods reveal that legacy cybercrime tactics can still threaten modern infrastructure.
SSHStalker is a sophisticated botnet operation exploiting legacy Linux vulnerabilities and using IRC-based command-and-control. Unlike typical botnets, it prioritizes persistence and stealth over noisy attacks, raising alarms about dormant threats in outdated infrastructure.
SSHStalker revives old IRC botnet methods with an automated SSH exploit pipeline, compromising thousands of legacy Linux hosts for cryptomining and credential theft—especially in cloud environments.
SSHStalker, a newly discovered Linux botnet, is using old-school IRC channels to coordinate large-scale attacks, brute-force SSH credentials, and mine cryptocurrency on cloud infrastructure.
A newly discovered Linux botnet called SSHStalker is using 2009-era exploits to infect thousands of legacy systems, highlighting the hidden dangers of unpatched, forgotten servers on the internet.