Fresh RapperBot Malware Variant Brute-Forces Its Way Into SSH Servers

  /     /     /  
Publicated : 23/11/2024   Category : security


Fresh RapperBot Malware Variant Brute-Forces Its Way Into SSH Servers


Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access.



Tracked by analysts since mid-June, RapperBot malware has spread through brute-force attacks on SSH servers. The IoT botnet targets devices running on ARM, MIPS, SCARC, and x86 architectures, researchers warn.
The malware is a
Mirai variant
with a few notable, novel features, including ditching the typical Telnet server brute-force approach in favor of attacking SSH servers instead. Fortinet Labs analysts said that since July, RapperBot has changed up its approach from infecting as many servers as possible to maintaining remote access to those compromised SSH servers.
The
malware
 gets its name from a URL that led to a YouTube rap video in early versions, the researchers explained.
Due to some significant and curious changes that RapperBot has undergone, its primary motivation is still a bit of a mystery, the Fortinet
advisory on RapperBot
said. Regardless, since its primary propagation method is brute forcing SSH credentials, this threat can easily be mitigated by setting strong passwords for devices or disabling password authentication for SSH (where possible).

Last News

▸ Some DLP Products Vulnerable to Security Holes ◂
Discovered: 23/12/2024
Category: security

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Fresh RapperBot Malware Variant Brute-Forces Its Way Into SSH Servers