Jun 15, 2022
New peer-to-peer botnet infects Linux servers with cryptominers
Posted by Genevieve Klien in categories: cryptocurrencies, cybercrime/malcode, education
A new peer-to-peer botnet named Panchan appeared in the wild around March 2022, targeting Linux servers in the education sector to mine cryptocurrency.
Panchan is empowered with SSH worm functions like dictionary attacks and SSH key abuse to perform rapid lateral movement to available machines in the compromised network.
At the same time, it has powerful detection avoidance capabilities, such as using memory-mapped miners and dynamically detecting process monitoring to stop the mining module immediately.