Careless oversight of Linux SSH servers draws cryptominers, DDoS bots

Cybercriminals are exploiting poor password management and lax vulnerability patching to install malware on Linux SSH servers and carry out cybercrimes like cryptomining and DDoS attacks, according to a report by AhnLab. They use dictionary and brute-force attacks to access servers, sometimes selling the breached data instead of installing malware. The report did not identify a specific perpetrator but noted that several hacker groups have used these techniques. AhnLab advised administrators to maintain strong passwords, keep server software updated, and use firewalls.