Cryptocurrency-Mining Botnet Malware Arrives Through ADB and Spreads Through SSH
released on 2019-06-21 @ 12:32:29 PM
We observed a new cryptocurrency-mining botnet malware that arrives via open ADB (Android Debug Bridge) ports and can spread via SSH. This attack takes advantage of the way open ADB ports don’t have authentication by default, similar to the Satori botnet variant we previously reported. This bot’s design allows it to spread from the infected host to any system that has had a previous SSH connection with the host.