Threat actors have been using a recently released network mapping tool for malicious purposes. “SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network.” Researchers from Sysdig have observed threat actors using SSH-Snake to steal SSH credentials. The attackers exploited known vulnerabilities to gain initial access to the systems. Ref https://sysdig.com/blog/ssh-snake/
