Comment on Powerful Malware Disguised as Crypto Miner Infects 1M+ Windows, Linux PCs
Eyron@lemmy.world 1 year agoThey describe an SSH infector, as well as a credentials scanner. To me, that sounds like it started like from exploited/infected Windows computers with SSH access, and then continued from there.
With how many unencrypted SSH keys there are, how most hosts keep a list of the servers they SSH into, and how they can probably bypass some firewall protections once they’re inside the network: not a bad idea.
Salamendacious@lemmy.world 1 year ago
I think the original article talked about “spreading” to Linux machines so that generally tracks with what you’re saying that it starts on a Windows machine that itself has access to a Linux machine.