Alerts This Week
Warning Icon 1 1,375
Alerts This Week
Warning Icon 1 1,375

Panchan Botnet Lateral Movement in Linux Education Servers

7.Locks HexConnections Esm H446

A new peer-to-peer botnet named Panchan appeared in the wild around March 2022,  targeting Linux servers in the education sector to mine cryptocurrency.

Panchan is empowered with SSH worm functions like dictionary attacks and SSH key abuse to perform rapid lateral movement to available machines in the compromised network.

At the same time, it has powerful detection avoidance capabilities, such as using memory-mapped miners and dynamically detecting process monitoring to stop the mining module immediately.

Your message here