SSH malware
2025-11-01
Due to their intended functionality, privilege, and ubiquity, SSH servers and clients are a popular target for malware.
SSH malware common features
2025-11-01
Common features of SSH malware:
code reuse
Many samples are modified open-source tools.
obfuscation: stack strings, XOR encryption, UPX, ADD/SUB, ...
SSH malware research data
2025-11-01
List of ideas for SSH malware research:
SSH malware matrix
Like the C2 Matrix, but for SSH malware. It might need a few categories: worms, scanners, ...
ssh-it
2025-11-01
ssh-it is an SSH worm developed by THC.
ssh-key-backdoor
2025-11-01
ssh-key-backdoor is a technique developed by THC that abuses SSH keys to achieve persistence and lateral movement. ...
sshdinjector
2025-11-01
sshdinjector is Linux malware attributed to Evasive Panda that is injected into the SSH daemon. ...
Suricata
2025-11-01
Suricata is a network analysis and threat detection engine used for IDS and IPS systems.
The Hacker’s Choice
2025-11-01
The Hacker’s Choice is an international hacking group.
https://github.com/hackerschoice
VyOS
2025-11-01
VyOS is an open-source platform used to develop routers.
https://en.wikipedia.org/wiki/VyOS
https://github.com/vyos/vyos-build
AbcBot
2025-10-28
Abcbot is malware written in Go targeting Linux hosts and used to perform DDoS attacks.
https://thrive.trellix.com/s/article/KB95211?language=en_US ...