2y ago

Linux devices are under attack by a never-before-seen worm

Based on Mirai malware, self-replicating NoaBot installs cryptomining app on infected devices.

18 comments

the NoaBot targets weak passwords connecting SSH connections.
Harden your configs people.
AllowUsers is a really goood one.
- Or just don't allow password auth at all.
  
  Or just have a good password
Akamai has published an extensive library of indicators that people can use to check for signs of NoaBot on their devices (https://github.com/akamai/akamai-security-research/tree/main)
GCs those Akamai folks...
- What does GC stand for? https://www.acronymfinder.com/Slang/GC.html
  
  Good cunts - it's originally an Aussie term of endearment, as far as I'm aware
  
  Garbage Collection
  
  What does GC stand for?
  Girthy Cocks maybe?
  As a compliment, u noe?
  Like saying they have Balls of Steel.
  
  Game Cube
  
  In this context i'm going with Game Chick from that list, because none make sense to me.
  
  Group chat?
  https://www.urbandictionary.com/define.php?term=gc
- here's a link to the script. its nothing fancy, but makes it easy to check: https://github.com/akamai/akamai-security-research/blob/main/malware/noabot/noabot_detect.sh
  
  here’s a link to the script.
  "MagicPussy" doesn't sound that bad. 😏
Very poor title, like someone's just got their "Big Book of Clickbait"
Everything is under attack all the time, and everything is never-before-seen until it's seen.
I love how in security, we have gone from "use strong passwords" to "don't make your own passwords", because people will just refuse to learn.

18 comments