Israeli Ophir Harpaz uncovered a complex scheme to break into government institutions in the U.S. and Europe, but in this case, their attempts failed.
By TPS
Ophir Harpaz, a cyber researcher at Israel’s Guardicore cybersecurity firm, recently exposed a massive cyber attack on government, education, and finance sectors in the U.S.
FritzFrog malware is both a worm and a botnet that uses weak passwords and attacks Linux servers over SSH to mine cryptocurrencies since at least January 2020.
The attack has already managed to infiltrate over 500 servers in the US and Europe of universities and a railway company.
Harpaz discovered that the attackers had turned the systems they took over into a “peer network” that serves as a malicious force multiplier.
They began using the servers they took over to mine cryptocurrencies, but this did not seem to be their main purpose, but rather preparation of the infrastructure of infected computers to schedule a much larger attack or sell the option to another entity.
They also tried to break into government institutions in Europe and the U.S., but in this case, their attempts failed.
Guardicore has issued guidelines to security personnel around the world with which they can check if they have been infected with the new malware and clean the servers.
Guardicore is a leader in data center and cloud security and was established by former IDF cybersecurity experts.