Tencent Royal See: DDG botnet upgrades 9 versions in January to attack Linux system mining

Recently, Tencent Security found that the DDG botnet was frequently updated. In the last month, a total of 9 versions were updated to attack Linux system mining. A major change in the latest version of the DDG mining Trojan is to download the script uninstall.sh, quartz_uninstall.sh to uninstall security protection products such as Tencent Yunyun Mirror and Ali Yunan Knight to enhance the survival time of the mining Trojan on the server. It is reported that the DDG botnet first appeared in 2017, mainly by scanning the SSH service and the Redis service to break into the LINUX system and mine Monero for profit.