Lucene search
K

A proxyjacking campaign is looking for vulnerable SSH servers

🗓️ 30 Jun 2023 22:15:00Reported by Malwarebytes blogType 
malwarebytes
 malwarebytes
🔗 www.malwarebytes.com👁 46 Views

A researcher at Akamai has highlighted a new cybercriminal campaign called proxyjacking, where cybercriminals are exploiting vulnerable SSH servers to rent out compromised systems and sell bandwidth to proxy services. The criminals utilize legitimate services like Peer2Profit and Honeygain, which do not sufficiently vet the origins of shared bandwidth. The attack is fileless, uses legitimate software like curl and Docker, and is less likely to be detected compared to cryptojacking. Protection strategies include keeping systems and software updated, using strong passwords, monitoring network traffic, tracking containerized applications, and implementing key-based authentication for SSH

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation