![Four Seconds to Botnet - Analyzing a Self Propagating SSH Worm with Cryptographically Signed C2 [Guest Diary], (Wed, Feb 11th)](https://isc.sans.edu/diaryimages/images/Johnathan%20Husch_Picture1.png)
Four Seconds to Botnet - Analyzing a Self Propagating SSH Worm with Cryptographically Signed C2 [Guest Diary], (Wed, Feb 11th)
• SSH worm exploited weak passwords, compromising Linux systems in seconds. • Attack used credential brute force, uploading a 4.7 KB bash script via SCP. • Script established persi