AhnLab Security Emergency Response Center (ASEC) cybersecurity researchers have discovered that hackers are actively targeting Linux SSH servers in an effort to spread scanner malware.
Due to their widespread use in hosting essential services, Linux SSH servers are frequently targeted by hackers. The following vulnerabilities make them susceptible to hacker access and potential exploitation. Threat actors use the “go” script to launch SSH dictionary attacks, port scans, and banner grabs. Using “gob” and “rand” scripts, IP classes can be customized.
“bios.txt” contains the results, and “banner.log” contains the banners. In order to use them in dictionary attacks, the “prg” tool extracts IPs with “SSH-2.0-OpenSSH” from “bios.txt,” and the successful logins are saved in “ssh_vuln.”
Read More: Hackers Attacking Linux SSH Servers To Deploy Scanner Malware
Check Out The New TalkDev Podcast. For more such updates follow us on Google News TalkDev News.