ShellBot Malware Evades Detection Using Hexadecimal IP Addresses
ShellBot Malware Evades Detection Using Hexadecimal IP Addresses
Threat Level
Attack Report
For a detailed threat advisory, download the pdf file here
Summary
ShellBot malware, targeting poorly managed Linux SSH servers, now employs hexadecimal IP addresses in its download URLs to evade detection. This change highlights the need for strong security measures and regular updates for administrators to protect against ShellBot attacks on Linux servers.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.