From malwarebytes.com
Poorly configured Linux and Internet of Things (IoT) devices are at risk of compromise from a cryptojacking campaign, according to researchers at Microsoft. The attacks, which involve brute forcing a way into a system, are designed to profit from mining in illicit fashion for cryptocurrency.
Once the attackers have broken into their target system, a patched version of OpenSHH, a remote login tool, is downloaded from a remote server. When the rogue version of this tool is deployed, it looks to backdoor hijacked systems and swipe credentials to ensure it lingers on the system for as long as it possibly can.