Aug 19, 2019 · Information Security

Investigating an SSH Brute‑Force Compromise and Hidden Mining Malware on a Linux Server

A client reported unexpected outbound attack traffic from a server, prompting a step‑by‑step forensic investigation that confirms an SSH brute‑force breach, analyzes logs, identifies malicious network connections and cron jobs, uncovers hidden mining malware, and provides hardening recommendations to secure the Linux host.

ForensicsLinuxSSH brute force

0 likes · 5 min read

Investigating an SSH Brute‑Force Compromise and Hidden Mining Malware on a Linux Server

ITPUB

Jan 11, 2018 · Information Security

Unmasking PyCryptoMiner: How a Python‑Based Botnet Hijacks Linux Servers for Monero Mining

F5 Networks researchers uncovered the PyCryptoMiner Linux botnet, which exploits exposed SSH ports, uses Python scripts and Pastebin for C&C, leverages CVE‑2017‑12149, and has mined roughly $46,000 worth of Monero by compromising vulnerable servers.

BotnetCVE-2017-12149Linux

0 likes · 5 min read

Unmasking PyCryptoMiner: How a Python‑Based Botnet Hijacks Linux Servers for Monero Mining