A new wave of GoBruteforcer attacks targets cryptocurrency and blockchain project databases to build botnets for brute-forcing various Linux server services. These campaigns exploit weak defaults, legacy web stacks, and misconfigured servers to infect hosts and facilitate cybercriminal activities such as blockchain balance querying. #GoBruteforcer #LinuxServers
Keypoints
- GoBruteforcer is a sophisticated malware targeting Unix-like platforms to create large botnets.
- The malware exploits weak credentials and legacy web applications like XAMPP to gain initial access.
- Infected hosts are used for brute-force attacks, payload hosting, and command-and-control operations.
- An analysis revealed targeted blockchain addresses, indicating efforts to compromise crypto projects.
- Broader vulnerabilities include exposed infrastructure, misconfigured services, and automated scanning for misconfigured LLM models.
Read More: https://thehackernews.com/2026/01/gobruteforcer-botnet-targets-crypto.html