By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Cyberessentials Technology MagazineCyberessentials Technology MagazineCyberessentials Technology Magazine
  • Tech news
  • PC & Hardware
  • Mobile
  • Software
  • Gadget
  • Security
  • AI
  • Gaming
  • Marketing
  • WWW
Search
  • Contact
  • Blog
  • Complaint
  • Advertise
© 2025 Cyberessentials.org. All Rights Reserved.
Reading: New PumaBot botnet attacks Linux IoT devices with stealthy SSH brute-force tactics
Share
Notification Show More
Font ResizerAa
Cyberessentials Technology MagazineCyberessentials Technology Magazine
Font ResizerAa
  • Gadget
  • Technology
  • Mobile
Search
  • Tech news
  • PC & Hardware
  • Mobile
  • Software
  • Gadget
  • Security
  • AI
  • Gaming
  • Marketing
  • WWW
Follow US
  • Contact
  • Blog
  • Complaint
  • Advertise
© 2022 Foxiz News Network. Ruby Design Company. All Rights Reserved.
Security

New PumaBot botnet attacks Linux IoT devices with stealthy SSH brute-force tactics

Last updated: June 6, 2025 3:55 pm
Cyberessentials.org
Share
SHARE

A new botnet named PumaBot is quietly taking over Linux-based IoT devices worldwide. Unlike other botnets, it doesn’t randomly attack the internet. Instead, it uses precise tactics to breach security cameras, routers, and smart gadgets. Here’s what you need to know.

Contents
What makes PumaBot different?How PumaBot sneaks into devicesWhat happens after infection?Why your old security camera is at riskHow to protect your devices

What makes PumaBot different?

Most botnets send login attempts to random IP addresses. PumaBot, on the other hand, is smarter. It gets its target lists from its command center (ssh.ddos-cc[.]org), then attacks those devices with SSH password guesses. It’s like a burglar targeting houses with known weak locks.

“This isn’t some kid in a basement randomly attacking devices,” says a cybersecurity analyst. “PumaBot operators are professionals using military-style reconnaissance.”

How PumaBot sneaks into devices

The attack unfolds in three steps:

Step 1: The fake ID check
Before attacking, PumaBot checks if a device is real. It looks for the string “Pumatronix” – a known maker of traffic cameras. This suggests attackers target specific gear or avoid decoy systems.

Step 2: The camouflage
Once inside, PumaBot disguises itself as Redis database software. It hides in /lib/redis and creates fake system services named redis.service or mysqI.service (with a capital I to trick admins).

Step 3: The backdoor
The botnet plants its own SSH key in the authorized_keys file. Even if you delete the malware, this secret key lets attackers waltz back in anytime.

What happens after infection?

Compromised devices become crypto-mining slaves and data thieves. Darktrace researchers found PumaBot:

• Runs XMRig software to mine Monero cryptocurrency
• Installs rootkits that steal login credentials
• Uses networkxm tool for more SSH attacks
• Exfiltrates stolen data through Chinese domains like lusyn[.]xyz

The most disturbing component? A malicious pam_unix.so file that intercepts every successful login. Stolen passwords get saved to /usr/bin/con.txt before being sent to attackers.

Why your old security camera is at risk

PumaBot targets two common IoT weaknesses:

1. Default passwords: Many devices never change factory-set logins like admin/admin
2. Outdated software: Manufacturers often stop updating devices after 2-3 years

“Your grandma’s internet-connected thermostat could be mining crypto right now,” jokes a reddit user discussing the botnet. The scary truth? They’re not entirely wrong.

How to protect your devices

Cybersecurity experts recommend four key steps:

1. Change default passwords: Make new credentials at least 12 characters with mixed symbols
2. Block SSH from the internet: Use VPNs for remote access instead of open ports
3. Hunt for fake services: Check /etc/systemd/system for suspicious entries
4. Monitor SSH logs: Look for repeated failed login attempts from strange locations

As PumaBot continues evolving, one thing’s clear: IoT security can’t be an afterthought anymore. Your smart fridge might just be the weakest link in your digital life.

Do Social Workers Make More Than Cybersecurity Specialists? A Deep Dive
The 10 Best Laptops for Cybersecurity Professionals
Top 20 Cybersecurity Companies in Ireland
Popular Cities for Cybersecurity Jobs in 2025
20 Free Cybersecurity Summer Programs for High Schoolers in 2025
Share This Article
Facebook Copy Link Print
Share
Previous Article Vpn software logo What is a VPN? VPN meaning
Next Article ethical hacker working in cybersecurity in front of computers 10 Most Popular Cybersecurity Certifications That Will Boost Your Career in 2025
Leave a Comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest News

matrix cybersecurity
The Matrix of All Current Cybersecurity Issues
Security
flat screen monitor turned-on
How Do Macros Pose a Cybersecurity Risk: A Simple Explanation
Security
man and woman sitting on table
Exploring Cybersecurity Volunteer Opportunities
Security
Cal Poly Pomona
Cal Poly Pomona Cybersecurity Club: Your Gateway to Digital Defense
Security
man standing in front of people sitting beside table with laptop computers
Understanding the Cybersecurity Solutions Buying Committee
Security
people sitting on chair in front of table while holding pens during daytime
Do Job Recruiters Actually Verify Cybersecurity Certifications?
Security
hakcer
Cybersecurity: Putting Yourself in the Mind of a Hacker
Security
man holding his chin facing laptop computer
Which is Easy: Cybersecurity or Artificial Intelligence?
Security
banner banner
Cyberessentials.org
Discover the latest in technology: expert PC & hardware guides, mobile innovations, AI breakthroughs, and security best practices. Join our community of tech enthusiasts today!

You Might also Like

A close up of a digital clock displaying the time
Security

Cain and Abel: Top Cybersecurity Tool. A Look Back

Cyberessentials.org
28 Min Read
city buildings during night time
Security

Cybersecurity Banking Staffing Solutions

Cyberessentials.org
24 Min Read
black and white computer keyboard
Security

100 Inspirational Cybersecurity Quotes to Understand the Digital World

Cyberessentials.org
30 Min Read
person using black laptop computer
Security

Information Security vs Cyber Security: A Clear Explanation

Cyberessentials.org
14 Min Read
black Tesla car GPS navigator
Security

Cybersecurity in Auto Insurance: Protecting Your Data in a Digital World

Cyberessentials.org
25 Min Read
black flat screen tv turned on on white table
Security

Cyber Security Engineer Job Description: The Ultimate Guide

Cyberessentials.org
16 Min Read
a man sitting at a desk with a computer
Security

Top 20 Cybersecurity Domains: A Detailed Guide

Cyberessentials.org
21 Min Read
person using black and red Acer laptop computer on table
Security

The 10 Best Cybersecurity Bootcamps of 2025

Cyberessentials.org
18 Min Read
degree
Security

Why You Should Choose UMGC for a Cybersecurity Degree

Cyberessentials.org
13 Min Read
//

Discover the latest in technology: expert PC & hardware guides, mobile innovations, AI breakthroughs, and security best practices. Join our community of tech enthusiasts today!

Support

  • PRIVACY POLICY
  • TERMS OF USE
  • OUR SITE MAP
  • CONTACT US
Cyberessentials Technology MagazineCyberessentials Technology Magazine
Follow US
© 2025 Cyberessentials.org. All Rights Reserved.
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?