New shc Linux Malware used to deploy CoinMiner

04-Jan-23

The ASEC investigation team recently found that threat actors were using Linux malware that was created with the Shell Script Compiler (shc) to instal a CoinMiner. The experts think that a dictionary attack on vulnerable Linux SSH servers allowed attackers to first gain access to targeted devices.

The following is a decoded Bash shell script of the Shc virus that was disclosed by a client organisation that was the victim of an infiltration attack. XMRig CoinMiner is downloaded and installed from the currently accessible address, and it processes files downloaded from external sources.

Read More…