Linux Malware Using SHC Compiler Installs CoinMiner and DDoS Bots

Threat Advisories

Linux Malware Using SHC Compiler Installs CoinMiner and DDoS Bots

Threat Level
Attack Report

For a detailed threat advisory, download the pdf file here

Summary

A new strain of Linux malware, developed using the Shc compiler, has been found to install a CoinMiner on infected systems. It is believed that this malware is being spread through dictionary attacks on inadequately secured Linux SSH servers. Once it gains access to a system, it installs several different types of malware, including the Shc downloader, XMRig CoinMiner, and a DDoS IRC Bot developed with Perl.