Due to its intended functionality, privilege, and ubiquity, SSH servers and clients are a popular target for malware.
Links to this note
- bypassingnetworkrestrictionrdptunneling-mandiant2019
- chinesemalwarslinuxsshbackdoor-mandvi2025
- lateralmovementssh-lambert2020
- SSH lateral movement
- malwaresshkeystospread-ssh2025
- SSH malware common features
- SSH malware research data
- sshdinjector
- analyzingsshdinjector-apvrille2025
- sshbackdors-dumont2018