New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack
A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022
SSH enables encrypted remote access and administration, but weak credentials, exposed services, and misconfiguration can permit unauthorized access.
Search across headline titles and summaries.
Background for this topic.
SSH (Secure Shell) is a protocol for establishing a cryptographically protected connection to a remote computer. It supports interactive administration, command execution, file transfer, and related services such as port forwarding. SSH provides confidentiality and integrity for the session, while host keys help the client verify that it is connecting to the intended server.
Security depends on how SSH is deployed and how its credentials are managed. An internet-exposed service may attract password guessing, and vulnerable SSH implementations can provide an entry point; a stolen private key or an overly permissive authorized_keys entry may enable unauthorized access. Useful controls include timely patching, restricting network exposure, disabling password authentication where practical, protecting keys with strong passphrases or hardware-backed storage, limiting account privileges, and reviewing authentication logs. Administrators should verify host keys to reduce man-in-the-middle risk and promptly remove or rotate credentials during personnel changes or suspected compromise.
A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022
Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access.
ExtraHop study finds sensitive protocols are not being managed securely
A new botnet called 'RapperBot' has emerged in the wild since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers and then establishing persistence. [...]