Since the middle of June, a brute-force attack has been going on using the RapperBot botnet. To gain access to devices, it is necessary to gain entry to Linux SSH servers.
Fortinet spotted some strange SSH-related strings and started to investigate, which led to the discovery of the botnet. They discovered a self-propagation function in the bot employing a remote binary downloader that was taken down in the middle of July. Read More…