Researchers have discovered a new variant of the Gafgyt botnet that exploits weak SSH passwords to mine cryptocurrency using compromised systems' GPU computational power.
Gafgyt is evolving to target robust servers in cloud-native environments, leveraging known vulnerabilities and weak credentials to capture devices and orchestrate DDoS attacks.
The latest attack chains involve brute-forcing SSH servers, deploying cryptocurrency-mining payloads, and eliminating existing malware on the compromised machines.
This IoT botnet, found to have been operating since 2014, has adapted over time by implementing new methods and features, including a worming module for propagation.