Linux Malware Using SHC Compiler Installs CoinMiner and DDoS Bots
Linux Malware Using SHC Compiler Installs CoinMiner and DDoS Bots
Threat Level
Attack Report
For a detailed threat advisory, download the pdf file here
Summary
A new strain of Linux malware, developed using the Shc compiler, has been found to install a CoinMiner on infected systems. It is believed that this malware is being spread through dictionary attacks on inadequately secured Linux SSH servers. Once it gains access to a system, it installs several different types of malware, including the Shc downloader, XMRig CoinMiner, and a DDoS IRC Bot developed with Perl.