A fileless worm dubbed FritzFrog has been found roping Linux devices running SSH servers – corporate servers, routers and IoT devices – into a P2P botnet whose apparent goal is to mine cryptocurrency. Simultaneously, though, the malware creates a backdoor on the infected machines, allowing attackers to access it at a later date even if the SSH password has been changed in the meantime.
Read full article on Help Net Security