After lying low, SSH botnet mushrooms and is harder than ever to take down


secure shell, server—cloud instances, data center servers, routers, and the like—and installs an unusually advanced payload that was written from scratch. When researchers from security firm Guardicore Labs (now Akamai Labs) reported it in mid-2020, they called it a “next-generation” botnet because of its full suite of capabilities and well-engineered design.

It used a decentralized, peer-to-peer architecture that distributed administration among many infected nodes rather than a central server, making it hard to detect or take down using traditional methods. Some of its advanced traits included:
