Best Top Reviews Online

New shc-based Linux Malware with Cryptocurrency Miner Targeting Systems

On compromised systems, a new Linux malware developed using the shell script compiler (shc) has been observed deploying a cryptocurrency miner.

According to a report published today by the AhnLab Security Emergency Response Center (ASEC), it is presumed that after successful authentication via a dictionary attack on poorly managed Linux SSH servers, the malware was installed on the target system.

shc enables the direct conversion of shell scripts to binaries, protecting against unauthorized source code modifications. It is similar to the Windows BAT2EXE utility, which converts any batch file to an executable.

A successful compromise of the SSH server, as described by the South Korean cybersecurity firm, results in the deployment of an shc downloader malware and a Perl-based DDoS IRC Bot.

The shc downloader then fetches the XMRig miner software to mine cryptocurrency, and the IRC bot can establish connections with a remote server to retrieve commands for launching distributed denial-of-service (DDoS) attacks.

This bot supports DDoS attacks such as TCP flood, UDP flood, and HTTP flood, as well as command execution, reverse shell, port scanning, and log deletion, according to ASEC researchers.

The fact that all shc downloader artifacts were uploaded to VirusTotal from South Korea suggests that the campaign is primarily aimed at Linux SSH servers with inadequate security in South Korea.

It is recommended that users practice good password hygiene and periodically change their passwords to prevent brute-force and dictionary attacks. It is also recommended to maintain updated operating systems.

Why Trust Us?

Best Top Reviews Online was established in 2018 to provide our readers with detailed, truthful, and impartial advice on what to buy. We now have millions of monthly users from all over the world and annually evaluate over a thousand products.

The above article was written by the BestTopReviewsOnline team, which consists of some of the most knowledgeable technical experts in the United States. Our team consists of highly regarded writers with vast experience in smartphones, computer components, technology apps, security, and photography, among other fields.

Related Stories

  • All Post
  • Best Picks
  • Explainers
  • How To
  • News
  • Versus
Security is a $10 Billion Business for Microsoft

January 28, 2021

NEWS ANALYSIS: Microsoft generated a staggering $10 billion in security-related revenues in the past year and is now a leader in enterprise cybersecurity. Microsoft’s decades-long transformation from an embarrassment to a legitimate cybersecurity powerhouse is yielding significant financial returns: over…

Get more info

Deals

Reviews

Best Products

Buying Guides

Contact Us

About Us

We provide a platform for our customers to rate and review services and products, as well as the stores that sell them. We research and compare the most popular brands and models before narrowing it down to the top ten, providing you with the most comprehensive and reliable buying advice to help you make your decision.

Disclaimer

BestTopReviewsOnline.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com. As an Amazon Associate I earn from qualifying purchases.

 

Address & Map

20 S Santa Cruz Ave, Suite 300, Los Gatos, CA 95030, United States

© 2022 BestTopReviewsOnline.com Pty. Ltd. All Rights Reserved. Licensing: All third-party trademarks, images, and copyrights used on this page are for comparative advertising, criticism, or review. As this is a public forum where users can express their opinions on specific products and businesses, the opinions expressed do not reflect those of BestTopReviewsOnline.com.