PumaBot: Novel Botnet Targeting IoT Surveillance Devices
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A new Go-based Linux botnet named PumaBot has been identified targeting IoT devices, particularly surveillance systems. It brute-forces SSH credentials using lists from a C2 server, then deploys itself and establishes persistence. The malware disguises itself as legitimate system files, creates systemd services, and adds SSH keys for backdoor access. It also includes components for credential theft and system monitoring. The botnet demonstrates sophisticated evasion techniques and aims for long-term access to compromised devices.
OPENCTI LABELS :
linux,botnet,credential theft,iot,persistence,surveillance,pumabot,ssh brute-force
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
PumaBot: Novel Botnet Targeting IoT Surveillance Devices