FritzFrog Botnet Attacks Millions of SSH Servers

FritzFrog Botnet Attacks Millions of SSH Servers

The unique, advanced worming P2P botnet drops backdoors and cryptominers, and is spreading globally. A peer-to-peer (P2) botnet called FritzFrog has hopped onto the scene, and researchers said it has been actively breaching SSH servers since January.

The unique, advanced worming P2P botnet drops backdoors and cryptominers, and is spreading globally.

A peer-to-peer (P2) botnet called FritzFrog has hopped onto the scene, and researchers said it has been actively breaching SSH servers since January.

SSH servers are pieces of software found in routers and IoT devices, among other machines, and they use the secure shell protocol to accept connections from remote computers. SSH servers are common in enterprise and consumer environments alike.

According to an analysis from Guardicore Labs, FritzFrog propagates as a worm, brute-forcing credentials at entities like governmental offices, educational institutions, medical centers, banks and telecom companies. FritzFrog has attempted to compromise tens of millions of machines so far, and has successfully breached more than 500 servers in total, Guardicore researcher Ophir Harpaz said. Victims include well-known universities in the U.S. and Europe, and a railway company; and the most-infected countries are China, South Korea and the U.S.

“FritzFrog executes a worm malware which is written in Golang, and is modular, multi-threaded and fileless, leaving no trace on the infected machine’s disk,” Harpaz explained, in a posting on Wednesday. Once the server is compromised, “the malware creates a backdoor in the form of an SSH public key, enabling the attackers ongoing access to victim machines.”

It also can drop additional payloads, such as cryptominers.

web security botnet brute force cryptomining fileless security

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

Best Custom Web & Mobile App Development Company

Top Web & Mobile Application Development Company in India & USA. We specialize in Golang, Ruby on Rails, Symfony, Laravel PHP, Python, Angular, Mobile Apps, Blockchain, & Chatbots

7 Web Application Security Best Practices

Here is a list of seven key elements that should be considered in your web app security strategy. Web Application Security has been one of the most significant parts when it comes to web app development.

Lemon Duck Cryptocurrency-Mining Botnet Activity Spikes

Researchers warn of a spike in the cryptocurrency-mining botnet since August 2020. Researchers are warning of a recent dramatic uptick in the activity of the Lemon Duck cryptocurrency-mining botnet, which targets victims' computer resources to mine the Monero virtual currency.

9 Secure Code Review Best Practices For Your Web Application

Due to rising customer demands and rapid, feature-driven development, security often takes the backseat and vulnerabilities are introduced…

HEH P2P Botnet Sports Dangerous Wiper Function

The P2P malware is infecting any and all types of endpoints via brute-forcing, with 10 versions targeting desktops, laptops, mobile and IoT devices.