Wormable Panchan Peer-to-Peer Botnet Harvests Linux Server Keys

From darkreading.com


A peer-to-peer (P2P) botnet and worm called Panchan has been actively breaching Linux servers and harvesting Secure Shell (SSH) keys to perform lateral movement — at times brute-forcing credentials.

That’s according to researchers from Akamai, who discovered the botnet in late March. Written in Golang, it parses local SSH private keys and known hosts on each victim (using a static dictionary), then uses them to spread itself further.

While it could use the botnet for anything, Panchan is focused on a cryptojacking endgame for now. 

Read more…