32.Lock Code Circular Esm W900

A new Linux malware developed using the shell script compiler has been observed deploying a cryptocurrency miner on compromised systems.

"It is presumed that after successful authentication through a dictionary attack on inadequately managed Linux SSH servers, various malware were installed on the target system," AhnLab Security Emergency Response Center (ASEC) said in a report published today. 

shc allows shell scripts to be converted directly into binaries, offering protections against unauthorized source code modifications. It's analogous to the BAT2EXE utility in Windows that's used to convert any batch file to an executable.

In an attack chain detailed by the South Korean cybersecurity firm, a successful compromise of the SSH server leads to the deployment of an shc downloader malware along with a Perl-based DDoS IRC Bot.

The link for this article located at The Hacker News is no longer available.