Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.

New P2P Botnet Infects SSH Servers All Over the World

posted by Fnord666 on Monday August 24 2020, @11:02AM   Printer-friendly
from the pwned dept.

upstart writes in with an IRC submission for nutherguy:

New P2P botnet infects SSH servers all over the world:

Researchers have found what they believe is a previously undiscovered botnet that uses unusually advanced measures to covertly target millions of servers around the world.

The botnet uses proprietary software written from scratch to infect servers and corral them into a peer-to-peer network, researchers from security firm Guardicore Labs reported on Wednesday. P2P botnets distribute their administration among many infected nodes rather than relying on a control server to send commands and receive pilfered data. With no centralized server, the botnets are generally harder to spot and more difficult to shut down.

"What was intriguing about this campaign was that, at first sight, there was no apparent command and control (CNC) server being connected to," Guardicore Labs researcher Ophir Harpaz wrote. "It was shortly after the beginning of the research when we understood no CNC existed in the first place."

Original Submission

 
This discussion has been archived. No new comments can be posted.
New P2P Botnet Infects SSH Servers All Over the World | Log In/Create an Account | Top | 20 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Funny) by DannyB on Monday August 24 2020, @03:54PM (7 children)

    by DannyB (5839) Subscriber Badge on Monday August 24 2020, @03:54PM (#1041163) Journal

    Telnet runs on a different port than SSH. Whey the attacker sees that SSH port does not respond, they would never think to try Telnet.

    Thus: Telnet is more secure.

    --
    To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
    Starting Score:    1  point
    Moderation   +2  
       Funny=2, Total=2
    Extra 'Funny' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   4  

  • (Score: 2) by arslan on Monday August 24 2020, @11:00PM (4 children)

    by arslan (3462) on Monday August 24 2020, @11:00PM (#1041378)

    To be "triply" secure I use rsh just in case they the attacker thinks of Telnet.

    • (Score: 2) by FatPhil on Tuesday August 25 2020, @04:12AM (3 children)

      by FatPhil (863) <{pc-soylent} {at} {asdf.fi}> on Tuesday August 25 2020, @04:12AM (#1041474) Homepage
      I use a 2-factor technique, not just something you know, but something you have, too: I physically plug my keyboard into a spare USB port in the remote machine.

      For an extra layer of security, I've randomly shuffled my keycaps.

      Checkmate, wannabe-hackers!
      --
      Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves

      • (Score: 2) by DannyB on Tuesday August 25 2020, @01:18PM (2 children)

        by DannyB (5839) Subscriber Badge on Tuesday August 25 2020, @01:18PM (#1041570) Journal

        For an extra layer of security, I've randomly shuffled my keycaps.

        If you are attempting to protect the secrecy of your password, I have a better bestest practice.

        Simply wear the T-shirt inside out. Nobody can see the password. Problem solved.

        --
        To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.

        • (Score: 0) by Anonymous Coward on Tuesday August 25 2020, @06:17PM (1 child)

          by Anonymous Coward on Tuesday August 25 2020, @06:17PM (#1041728)

          Make sure the password is upside down. That way no one can read it. Turn it right side up when needed.

          • (Score: 2) by arslan on Tuesday August 25 2020, @11:22PM

            by arslan (3462) on Tuesday August 25 2020, @11:22PM (#1041843)

            Eh? Weak sauce. I tattoo it flipped along the vertical axis so no can read it except for myself when I'm looking in the mirror.

  • (Score: 2) by driverless on Tuesday August 25 2020, @04:53AM (1 child)

    by driverless (4770) on Tuesday August 25 2020, @04:53AM (#1041487)

    I use a an even more secure proximity-based biometrically-authenticated distance-bounded airgapped protocol:

    Yo! Paul! Can you do a dist-upgrade on newsbox for me?

    Yeah, and install the latest bin tools too. Thanks!

    • (Score: 0) by Anonymous Coward on Tuesday August 25 2020, @03:19PM

      by Anonymous Coward on Tuesday August 25 2020, @03:19PM (#1041640)

      I use a an even more secure proximity-based biometrically-authenticated distance-bounded airgapped protocol: [...]

      I use a an even more secure proximity-based biometrically-authenticated distance-bounded airgapped alcohol:

      There, FTFY.