The Hacker News

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.

New Linux botnet SSHStalker uses old-school IRC for C2 comms

A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations.
Bleeping Computer

Updated Miori Botnet C2 Server Tells Researchers to F*** Off

A new version of the Miori botnet added protection to the login panel of its command and control server, hanging a "not welcome" message for connections likely coming from a security researcher. Until ...
Threat Post

Necurs Botnet Evolves to Hide in the Shadows, with New Payloads

Using an on-again, off-again strategy of C2 communication helps it hide from researchers. Necurs, the prolific and globally dispersed spam and malware distribution botnet, has been spotted using a ...
Dark Reading

PumaBot Targets Linux Devices in Latest Botnet Campaign

A novel Go-based Linux botnet, dubbed "PumaBot," has been observed targeting Internet of Things (IoT) devices. PumaBot differentiates itself from typical botnets by remotely retrieving a list of ...