Raspberry Pi Malware uses IRC Remote Access Trojan (RAT)
76,604
Published 2023-05-26
π₯ YOUTUBE ALGORITHM β‘ Like, Comment, & Subscribe!
π SUPPORT THE CHANNEL β‘ jh.live/patreon
π€ SPONSOR THE CHANNEL β‘ jh.live/sponsor
π FOLLOW ME EVERYWHERE β‘ jh.live/discord β jh.live/twitter β jh.live/linkedin β jh.live/instagram β jh.live/tiktok
π₯ SEND ME MALWARE β‘ jh.live/malware
All Comments (21)
-
I love how this script taught me how IRC client server actually talk to one another XD
-
im pretty sure when elliot connected the pi to the Steel canyon thermostat i think it was also a Raspberry Pi Malware uses IRC Remote Access Trojan (RAT).
-
I am not an expert in the field of cyber security, but I intend to learn, and every time I lose passion in learning and watch your videos, I just go back and continue again. Thank you for everythingππ I feel that you are my guide in this fieldπ
-
IRC as a command&control is not unheard of. Used to be common back in the early 2000s when first botnets came to existance.
Question: who port-forwards ssh to raspberry pi with default user/pass to internet? Like putting keys into a car with windows open... -
Your explanations help me get better in Linux and malware analyses. Your videos are great value!
-
What is this Overflow thumbnail :D Also Pi with IRC RAT, lets go baby. Nice find
-
Great video as always, John.
Just wanted to say that I've noticed that very same malware being dropped in my SSH honeypot a couple of times some months ago, but I've got 3 different samples of it if I remember correctly.
IDK if I should send you those samples because they're almost the same IRC worm written in plain bash... And I find them funny as hell.
Sorry any typo, I'm not a native english speaker. -
Would have been great to validate the credentials in the hash and then join those channels to see how many infected machines are connected.
-
looks like an RX Bot my brother used to play with back in the day... it comes to an IRC channel and you command it with commands beginning with a special character. i used to love IRC. :)
-
I got hacked once when I had my linux box on the net, they installed an IRC bot in my home directory. I looked at what it did and logged into the channel they were using. And seen everything. Pretty interesting.
-
Its like your Pi becomes a zombie and these zombies will keep scanning another vuln Pi's in the wild and infect it.
-
great video! Running down the code was pretty interesting
-
Haha we boomers used to run IRC with Telnet, so I recognize those responses immediately!
-
Now I feel very old. IRC as C2 was the default back in my days π
-
Ok I'll date myself a little bit here but this is not new. Sub7 server was using IRC for c2 like 25+ years ago.....lol
-
picked up a lot of background bash info thanks.
-
The thing that doesn't make sense is, it changing the password.
This would make the user take the Pi offline and reflash it, killing the RAT, in most cases -
5:20 If you want to pronounce "Deutschland" as a German would pronounce it ("Deutschland" is German for "Germany"), think of it as if it was written "Doytshlund" and pronounce that the English way.
-
Could you please create some video about "Black Cat/AlphV ransomware" and how their tools work? Looks like a lot of big companies were hit recently
-
Bro copied liveoverflow's thumbnail as revenge for the mockery in his last video π