Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation Against Linux

posted by Roy Schestowitz on Dec 29, 2023,
updated Dec 29, 2023

• Wave of Cyberattacks Targeting Linux SSH Servers: An In-Depth Analysis [Ed: Typical FUD, blaming the wrong]

  Security researchers have unearthed a series of cyberattacks, meticulously targeting Linux SSH servers with frail security measures. This novel wave of cyberattacks has been scrutinized by specialists at AhnLab Security Emergency Response Center (ASEC), revealing a sophisticated modus operandi aimed at exploiting vulnerabilities in ineptly managed servers.

• Experts analyzed attacks against poorly managed Linux SSH servers [Ed: It is a password issue, not Linux or SSH]

  Researchers warn of attacks against poorly managed Linux SSH servers that mainly aim at installing DDoS bot and CoinMiner.

• Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining [Ed: Microsoft parrots, trying to associate SSH and Linux with doom because people can choose bad passwords (or lose these)]

  Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks.

  "Threat actors can also choose to install only scanners and sell the breached IP and account credentials on the dark web," the AhnLab Security Emergency Response Center (ASEC) said in a report on Tuesday.

An update

Jack Wallen helping this FUD:

• Linux Machines with Poorly Secured SSH Servers are Under Attack

  A new cryptocurrency miner is attacking Linux servers to co-opt them into a cryptocurrency mining network as well as spreading distributed denial-of-service attacks.

  The AhnLab Security Emergency Response Center (ASEC) released a report that indicates bad actors are guessing SSH credentials – using dictionary attacks – to install port scanners and malware (such as DDOSbot and CoinMiner).

  Once the malicious software is installed, it then scans for other servers to continue the spread. Those same bad actors also can sell the breached IP and account credentials on the dark web.

  The attacks are searching for systems with port 22 (the default SSH port) open and then hitting the server with the dictionary attack to install and propagate the malware.

More FUD opportunism:

• Linux SSH servers are under attack once again [Ed: This is about bad passwords, not Linux or SSH]

  Hackers are once again targeting poorly secured Linux SSH servers, researchers have claimed.

  The aim of the attackers is to install tools that will enable them to breach more servers. Ultimately, they either sell this access to their peers or install cryptocurrency miners and other malware on the endpoints.

  Cybersecurity researchers from the AhnLab Security Emergency Response (ASEC) claim to have observed threat actors installing port scanners and dictionary tools on vulnerable servers.

CIA-funded site relays anti-Linux FUD:

• Careless oversight of Linux SSH servers draws cryptominers, DDoS bots

  Cybercriminals are targeting poorly managed Linux SSH servers to install malware for cryptomining or carrying out distributed denial-of-service attacks, researchers have found.

Parroting one another, blaming "Linux" for compromised passwords:

• Vulnerable Linux SSH servers targeted for cryptomining, DDoS attacks

  Threat actors have been targeting insecure Linux SSH servers with dictionary attack tools and port scanners in a bid to facilitate cryptocurrency mining and distributed denial-of-service attacks, The Hacker News reports.