Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining

Poorly secured Linux SSH servers are being hijacked by threat actors to install port scanners and tools for dictionary attacks to conduct cryptocurrency mining and distributed denial-of-service (DDoS) attacks. The actors can sell breached IP and account credentials on the dark web, warns AhnLab Security Emergency Response Center. Password rotation, complex passwords, and system updates can mitigate these risks. These attacks likely first appeared in 2021.