A peer-to-peer Golang botnet has resurfaced after more than a year to compromise servers belonging to entities in the healthcare, education, and government sectors within a span of a month, infecting a total of 1,500 hosts.
Dubbed FritzFrog, “the decentralized botnet targets any device that exposes an SSH server — cloud instances, data center servers, routers, etc. — and is capable of running any malicious payload on infected nodes,” Akamai researchers said in a report shared with The Hacker News.
The new wave of attacks commenced in early December 2021, only to pick up the pace and register a 10x growth in its infection rate in a month’s time, while peaking at 500 incidents per day in January 2022. The cybersecurity firm said it detected infected machines in a European television channel network, a Russian manufacturer of healthcare equipment, and multiple universities in East Asia.
FritzFrog was first documented by Guardicore in August 2020, elaborating the botnet’s proficiency to strike and infect more than 500 servers spanning across Europe and the U.S. since January that year. A large concentration Read more: https://bit.ly/3GHDeFw