I Mass-Accepted SSH Logins for 48 Hours and Catalogued Everything That Walked In
38,208 events. 374 unique IPs. 12 malware samples. A self-propagating Chinese worm. A multi-architecture cryptominer. Two competing SSH backdoor campaigns. One very convincing fake server.
|18 min read