
New Linux SSH Brute-force LUA Bot Shishiga Detected in the Wild

April 26th, 2017 Jahanzaib Hassan Security, Malware 0 comments

Security researchers at Eset have spotted a new Linux malware in the wild, and it is much more sophisticated than any previously known Linux-based malware. The researchers have named it “Linux/Shishiga”. According to the Eset research team, it uses four different protocols (SSH, Telnet, HTTP and BitTorrent) along with Lua scripts.

A new Lua Family

Eset researchers revealed that the malware belongs to a new Lua family, which means it is written in the Lua programming language, and that it is capable of doing much more damage than any previously known malware. Michal Malik of Eset writes in his blog post that “Linux/Shishiga (meaning female swamp (or forest) creature in the Russian language) is a binary packed with UPX (ultimate packer for executables) 3.91.”

The LuaBot malware was discovered last year infecting Linux devices and using them to conduct DDoS (Distributed Denial of Service) attacks. The researchers who discovered the LuaBot botnet described it as “the most advanced botnet hitting Linux-based IoT devices”.

Brute-force attack

The malware gains access to the victim’s computer by trying a variety of passwords, and the infected machine can then be used by the attacker to offer proxy services or steal unencrypted traffic. It’s safe to say that Linux/Shishiga is similar to Linux/Moose. However, its use of brute-force SSH credential attacks makes it quite complicated.

A work-in-progress

According to security researchers, Linux/Shishiga is still a work in progress, and we might see evolved forms of it pretty soon. Mr. Mounir Hahad, Director of Cyphort Labs, told Linux Insider that “Unlike the IoT malware Mirai, which targeted default credentials on IoT devices, this brute force attempt to compromise Linux computers is targeting weak passwords people would have chosen.”


How to Tackle this Malware?

It is a fact that IoT devices are vulnerable to brute-force password attacks, since a number of devices are shipped to customers with default login credentials. Users can protect their devices and networks from this malware by replacing the default password with a strong one. DO NOT use default Telnet and SSH credentials; use a strong password instead! SSH stands for Secure Shell, and it is a secure way to remotely access a site’s server; in Shishiga’s case, however, the situation is different, because the malware gets in by guessing weak SSH credentials.
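The password guessing described above leaves a recognisable trail in the sshd authentication log. The following is an added example, not code from the article or from Eset: it flags source addresses with a burst of failed password logins and marks the case where one of the guesses then succeeds. The log lines are constructed samples in OpenSSH's syslog format, and the threshold, window and function name are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in OpenSSH syslog format (not taken from the article).
SAMPLE_LOG = """\
Apr 26 10:00:01 gw sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
Apr 26 10:00:03 gw sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 40114 ssh2
Apr 26 10:00:05 gw sshd[813]: Failed password for invalid user pi from 203.0.113.7 port 40118 ssh2
Apr 26 10:00:08 gw sshd[814]: Failed password for invalid user ubnt from 203.0.113.7 port 40121 ssh2
Apr 26 10:00:11 gw sshd[815]: Accepted password for root from 203.0.113.7 port 40125 ssh2
Apr 26 10:02:00 gw sshd[820]: Failed password for alice from 198.51.100.20 port 51000 ssh2
Apr 26 10:02:09 gw sshd[821]: Accepted password for alice from 198.51.100.20 port 51002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+")

def detect_bruteforce(log_text, threshold=4, window=timedelta(minutes=5), year=2017):
    """Return {ip: {"failures", "users", "compromised"}} for sources at or over threshold."""
    failures = defaultdict(list)   # ip -> [(timestamp, user), ...]
    alerts = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year, so the caller supplies one.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip = m["ip"]
        # Keep only failures that are still inside the sliding window.
        failures[ip] = [(t, u) for t, u in failures[ip] if ts - t <= window]
        if m["result"] == "Failed":
            failures[ip].append((ts, m["user"]))
            if len(failures[ip]) >= threshold:
                entry = alerts.setdefault(ip, {"failures": 0, "users": set(), "compromised": None})
                entry["failures"] = len(failures[ip])
                entry["users"] = {u for _, u in failures[ip]}
        elif ip in alerts:
            # A password login from an already flagged source means a guess succeeded.
            alerts[ip]["compromised"] = m["user"]
    return alerts

if __name__ == "__main__":
    for ip, info in detect_bruteforce(SAMPLE_LOG).items():
        print(ip, info)
```

A non-empty `compromised` field is the case to act on first: that account's password was guessed and should be treated as exposed.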

Remember, since the development of the Mirai malware botnet, IoT devices have become extremely vulnerable to large-scale cyber attacks. It was due to the Mirai malware that the Internet’s largest ever DDoS attack took place last year. Therefore, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator, and browse safely.

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.