FritzFrog botnet infected Government and Corporate Servers, at least 500 Affected

The main goal of FritzFrog is cryptocurrency mining.

Guardicore Labs has published a report on the activity of the relatively new P2P botnet FritzFrog. Which in 2020 managed to infect at least 500 government and corporate SSH servers.

The botnet was first spotted in January this year. Over the past eight months, FritzFrog has carried out multiple brute-force attacks on SSH servers belonging. To government agencies, telecommunications, financial companies, and healthcare and education companies around the world. At least 500 attacks were successful.

FritzFrog is a decentralized botnet that uses P2P protocols to manage its nodes.

After the SSH server is hacked, fileless malware is loaded onto the system and executed only in memory. Therefore, Turning the device into a bot capable of receiving and executing commands. Also, The FritzFrog malware is unpacked on the system under the names ifconfig and Nginx. And is launched as a command-pending startup process listening on port 1234. These commands are easy enough to detect. So the attackers connect to the victim via SSH and launch the Netcat client.

All commands are transmitted in encrypted form. The first connect the device to an existing botnet. While the rest are used to install the backdoor and monitor the network, PC, and CPU resources.

Furthermore, The main goal of FritzFrog is cryptocurrency mining. To do this, the botnet uses Monero mining software called XMRig. If the processes on the server are using too many CPU resources. FritzFrog will terminate them to provide power to the miner.

According to experts, FritzFrog uses a proprietary P2P protocol, which may indicate the high professionalism of its developers. Guardicore Labs was unable to find concrete evidence of any group’s involvement in the botnet. But they did find some similarities between FritzFrog and the Rakos botnet discovered in 2016.

Henceforth, WE WISH TO ANNOUNCE THAT OUR SERVICES ARE NOT AVAILABLE TO PEOPLE FROM NIGERIA AND INDIA. THESE ARE USELESS TIME WASTERS AND THIEVES TRYING TO BEG OR SCAM US OF OUR PRODUCTS. OUR SERVICES ARE NOT FREE AND PAYMENT IS UPFRONT

A LOT OF FOOLS FROM NIGERIA AND INDIA. on the off chance that YOU DON’T TRUST TO USE OUR SERVICES, DON’T CONTACT US AS WE HAVE NO FREE SERVICE

CONTACT US FOR PURCHASE/INQUIRIES, WE RESPOND ALMOST INSTANTLY 

HI BUYERS, WE ARE A PROFESSIONAL CARDING AND HACKING TEAM. HOVATOOLS HAS BEEN AROUND SINCE THE TIME OF EVO MARKET, ALPHABAY, WALLSTREET MARKET AND MORE. WE REMAIN STRONG AND RELIABLE IN THE INDUSTRY, ALWAYS PROVIDING YOU WITH THE BEST QUALITY TOOLS TO HELP YOU MAKE MONEY AND MAXIMIZE PROFIT IN THE FRAUD GAME.

TO GET STARTED, YOU CAN VISIT OUR ONLINE SHOP/STORE TO BUY EVERYTHING YOU NEED TO START CASHING OUT.  AT THE SHOP YOU GET Accounts & Bank Drops CVV & CARDS DUMPS PERSONAL INFORMATION & SCAN.

BANK HACKING SOFTWARE – WIRE/ACH DARKWEB MONEY TRANSFER HACKERS

Buy Fresh Credit Cards for Carding, BIN LIST Buy Bank Login, RDP, Buy Hacked Paypal accounts. Contact us to buy all tools and carding software. CLICK HERE TO VISIT OUR SHOP
Buy Socks 5, Email Leads, Buy Latest CC to Bitcoin Cashout Guide, Buy Hacked Zelle transfer , Western Union Money Transfer Hack, Buy Hacked Money Transfer service to your bank account.
Enroll for Paid private Carding Class.