#noabot — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #noabot, aggregated by home.social.
-
NoaBot: Stark verbesserte Mirai-Variante frisst sich durch Linux-Geräte
https://winfuture.de/news,140563.html #Cybercrime #Botnetz #NoaBot #Mirai #Linux -
#Linux devices are under attack by a never-before-seen worm
Worm "NoaBot" is a variant of the Mirai #malware. Mirai typically infects devices to then use them in DDoS attacks.
#NoaBot takes a similar approach to Mirai when infecting devices; it primarily relies on brute forcing default/weak passwords over a telnet connection. It drops #cryptocurrency miners on infected devices instead of recruiting them for DDoS attacks.
Ensure telnet (port 23) is disabled on your devices and you are NOT using default #passwords. Most consumer devices like routers shouldn't have telnet enabled, but misconfigurations certainly happen.
-
Mirai-based botnet exploits weak authentication to mine fake money.
A worm has been quietly building a #botnet for the past year. It breaks into Linux #SSH servers with weak authentication. Akamai dubbed it #NoaBot.
The zombie servers then mine #cryptocurrency. In #SBBlogwatch, we urge a switch to key-based auth. At @TechstrongGroup’s @SecurityBlvd: https://securityboulevard.com/2024/01/noabot-ssh-linux-crypto-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc
-
While reading on the latest #noabot #malware currently in the news https://www.akamai.com/blog/security-research/mirai-based-noabot-crypto-mining and more particularly how to detect its presence https://github.com/akamai/akamai-security-research/tree/main/malware/noabot, I've discovered the very neat #osquery tool https://www.osquery.io/.
I'm impressed how easy and expressive SQL queries can be run in parallel on all my servers to query packages/configuration items/users etc ...
It's now installed everywhere 😉