New: Threat Exposure Validation Impact Report 2025
Learn More
Join our Summer Webinar Series on Threat Exposure Validation
Register Now
Meet the team at Infosecurity Europe 2025
Book a Meeting

Shc Linux Malware Used To Install XMRig CoinMiner And DDoS Botnet

January 11, 2023

External facing Linux servers in South Korea were targeted with a Shc (Shell Script Compiler) downloader, XMRig coin miner, and DDoS IRC botnet. XMRig was used to mine for digital currency while the botnet was used to perform TCP, UDP, and HTTP DDoS flood attacks. The botnet also contained additional commands including command execution, reverse shell, port scanning, and log deletion.