#SSHSnake – Xynik

CRYSTALRAY hacker expands to 1,500 breached systems using SSH-Snake tool

July 11, 2024 by Xynik

July 11, 2024 at 11:10AM The new threat actor, CRYSTALRAY, has expanded its operations, targeting over 1,500 victims with stolen credentials and cryptominers. Utilizing SSH-Snake and various open-source tools, CRYSTALRAY aims to collect and sell credentials, deploy cryptominers, and maintain persistence in victim environments. It exploits vulnerabilities in various software and targets Atlassian Confluence products. … Read more

Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks

February 22, 2024 by Xynik

February 22, 2024 at 05:51AM SSH-Snake, a network mapping tool, has been repurposed by threat actors to conduct malicious activities. The self-replicating worm leverages SSH credentials to spread throughout the network and harvest credentials and IP addresses. It has been observed in real-world attacks, highlighting the importance of comprehensive security measures. Additionally, a new botnet … Read more

New SSH-Snake malware steals SSH keys to spread across the network

February 21, 2024 by Xynik

February 21, 2024 at 03:32PM SSH-Snake, an open-source network mapping tool, is being used by a threat actor to stealthily search for private keys and move laterally through victim infrastructure. It was discovered by Sysdig’s Threat Research Team, who describe it as a self-modifying worm that avoids typical detection patterns, making it a more efficient … Read more