Botnet
FritzFrog
First seen: 2020-01 • Status: active
Currently Active Threat
FritzFrog is a clever botnet that spreads through SSH without needing a central command server. It mines cryptocurrency.
Overview
FritzFrog is a sophisticated P2P botnet that brute-forces SSH and deploys cryptominers. It has no C2 server, making it resilient.
How It Spreads
- • SSH brute force
- • Peer-to-peer propagation
What It Does
- • SSH brute forcing
- • Cryptomining
- • Decentralized C2
Is your business exposed?
Target Platforms
Linux
Detection Tips
- • Monitor SSH failed logins
- • Watch for P2P traffic patterns
MITRE ATT&CK Techniques
T1110, T1496
If You're Infected
- 1.
Disable SSH password authentication
- 2.
Implement SSH key authentication
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required