The malware uses SSH, Telnet, HTTP, and BitTorrent protocols and looks to bruteforce weak credentials.
The malware uses SSH, Telnet, HTTP, and BitTorrent protocols and looks to bruteforce weak credentials.

Eset researchers spotted a Linux malware dubbed Shishinga that is written in Lua and uses four different protocols and Lua scripts for modularity.

The malware uses SSH, Telnet, HTTP, and BitTorrent protocols and looks to bruteforce weak credentials based on a password list similar to Linux/Moose malware, according to an April 25 blog post.  

Researchers said that at first glance the malware might appear to be like others however, its usage of BitTorrent protocol and Lua modules separates it from the herd and they speculate that Shishinga could evolve and become more widespread.

The malware is also a work in progress as researchers said noting the low number of victims, constant adding, removing, and modifying of the components, code comments and even debug information.

To prevent infections, users should practice good cybersecurity hygiene and not use default Telnet and SSH credentials.