
FritzFrog malware attacks Linux servers over SSH to mine Monero - axsharma
https://www.bleepingcomputer.com/news/security/fritzfrog-malware-attacks-linux-servers-over-ssh-to-mine-monero/
======
Normille
I'm often impressed by the cleverness of the programming behind these bots /
malwares and the ways they try and avoid detection and communicate back to
their controllers.

I can't help but wonder though; in a case like this where the malware is
written in a relatively new language like Golang and uses some quite
specialist techniques, whether the person behind it might be 'fingerprinting'
themselves just by being one of a relatively small group of people who can do
all of this 'stuff'?

------
axsharma
Fileless, serverless, versatile and advanced FritzFrog is a botnet AND a worm
that masters self-replication, deployment, growth and mining crypto.

Over 500 servers in the US and Europe belonging to government, education,
healthcare and finance sectors have been breached already.

Guardicore Labs has identified the strand and provided remediation guidance.

~~~
baybal2
> government, education, healthcare and finance sectors

Very strange pick of victims for a cryptominer. Can it be just a cover?

