Cyberspace has seen an unprecedented rise in modified versions of peer-to peer, also known as (P2P) threats, it might have appeared that these P2P services have been vanishing, but in reality, they have emerged even stronger in newer ways. BitTorrent and eMule are still known to be in use by attackers.
A peer-to-peer (P2P) network is an IT infrastructure in which two or more computers have agreed to share resources such as storage, bandwidth and processing power with one another. Besides file sharing, it also allows access to devices like printers without going through separate server software. A P2P network is not to be confused with client-server network that users have traditionally used in networking, here, the client does not contribute resources to the network.
Researchers at Guardicore have recently discovered a sophisticated peer-to-peer (P2P) botnet called as FritzFrog that has been actively operated since January 2020, breaching SSH servers; it’s a Golang-based modular malware that executes a worm malware written in Golang, it is multi-threaded, completely volatile, and fileless and leaves no trace on the infected system’s disk.
It has a decentralized infrastructure which distributes control among all its nodes. The network uses AES for symmetric encryption and the Diffie-Hellman protocol for key exchange in order to carry out P2P communication via an encrypted channel.
So far, more than 20 malware samples have been discovered by the researchers as FritzFrog attempted to brute force over 500 SSH servers belonging to educational institutions, governmental institutions, telecom organizations, banks, and medical centers worldwide. The campaign also targeted some well known high-education institutions in the United States and ..
Support the originator by clicking the read the rest link below.
