ShellBot Malware Evades Detection Using Hexadecimal IP Addresses

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

ShellBot malware, targeting poorly managed Linux SSH servers, now employs hexadecimal IP addresses in its download URLs to evade detection. This change highlights the need for strong security measures and regular updates for administrators to protect against ShellBot attacks on Linux servers.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.