Researchers have found what they believe is a previously undiscovered botnet that uses unusually advanced measures to covertly target millions of servers around the world. The botnet uses proprietary software written from scratch to infect servers and corral them into a peer-to-peer network, researchers from security firm Guardicore Labs reported on Wednesday. The botnet, which Guardicore Labs researchers have named FritzFrog, has a host of other advanced features, including:
- In-memory payloads that never touch the disks of infected servers
- At least 20 versions of the software binary since January
- A sole focus on infecting secure shell, or SSH, servers that network administrators use to manage machines
- The ability to backdoor infected servers
- A list of login credential combinations used to suss out weak login passwords that are more “extensive” than those in previously seen botnets
Administrators who don’t protect SSH servers with both a strong password and a cryptographic certificate may already be infected with malware that’s hard for the untrained eye to detect.
Experts Comments
Linkedin Message
@Niamh Muldoon, Senior Director of Trust and Security EMEA, provides expert commentary at @Information Security Buzz.
"The key lesson to remember Defence in Depth...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-fritzfrog-botnet-targeting-millions-of-servers-including-government-agencies-and-banks
Facebook Message
@Niamh Muldoon, Senior Director of Trust and Security EMEA, provides expert commentary at @Information Security Buzz.
"The key lesson to remember Defence in Depth...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-fritzfrog-botnet-targeting-millions-of-servers-including-government-agencies-and-banks
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Ophir Harpaz, Security Researcher, provides expert commentary at @Information Security Buzz.
"FritzFrog is more all about gaining access and control to victims..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-fritzfrog-botnet-targeting-millions-of-servers-including-government-agencies-and-banks
Facebook Message
@Ophir Harpaz, Security Researcher, provides expert commentary at @Information Security Buzz.
"FritzFrog is more all about gaining access and control to victims..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-fritzfrog-botnet-targeting-millions-of-servers-including-government-agencies-and-banks