Known SSH-Snake bites more victims with multiple OSS exploitation
- by nlqip
Additionally, the threat actor deploys cryptominers to profit from compromised systems, the cloud security intelligence and solutions provider added.
CRYSTALRAY leverages existing vulnerability proof of concepts (PoCs) and uses OSS penetration testing tools to scan a list of targets against these vulnerabilities. Once detected, they modify the existing PoCs for their payload and drop them onto victims’ systems for initial access.
“CRYSTALRAY’s motivations are to collect and sell credentials, deploy cryptominers, and maintain persistence in victim environments,” Sysdig added. “Some of the OSS tools the threat actor is leveraging include zmap, asn, httpx, nuclei, platypus, and SSH-Snake.”
Source link
lol
Additionally, the threat actor deploys cryptominers to profit from compromised systems, the cloud security intelligence and solutions provider added. CRYSTALRAY leverages existing vulnerability proof of concepts (PoCs) and uses OSS penetration testing tools to scan a list of targets against these vulnerabilities. Once detected, they modify the existing PoCs for their payload and drop them…
Recent Posts
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict
- Jury Sides With Qualcomm Over Arm In Case Related To Snapdragon X PC Chips
- Equinix Makes Dell AI Factory With Nvidia Available Through Partners
- AMD’s EPYC CPU Boss Seeks To Push Into SMB, Midmarket With Partners
- Fortinet Releases Security Updates for FortiManager | CISA