Consider following on social media!
Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!
Photo by Chinmay Singh, please support by following @pexel.com
There comes a time in one’s life where they may think to themselves and say “The big ole Information Technology world huh, meh, let me give it a shot. What could go wrong?” Foolish child, we’re here to tell you that a lot could go wrong. One’s reasons for choosing a path in Information Technology or IT for short, could range from making a butt load of money, being the next person to create the next big thing, or simply adding a new skill to their already growing list.
Or maybe it’s a combination of all three. It should be the last one primarily because you’re awesome and striving to better a version of yourself every day is on your to-do list, so go you. However, typically, it’s the first reason since we’re all driven by our finances.
If you’re not making money, then you’re not making sense. A narrow and closed-minded way of thinking but hey, people aren’t usually open-minded so, whatever. For one to get into the world of IT, or jailbreak into IT at this point, a process needs to occur aside from simply learning code, linking resources together, and understanding how packets are sent through a network. When in an interview or at some point in a professional setting, one could be asked if they have ever contributed to what is called “Open source”.
Open source, in a nutshell, let’s say you make an application or a small program, once you feel your program or application is complete, it can then be uploaded to a platform like GitHub where others can either add onto or make corrections to your code. This can also be done vice versa. All in all, whoever is asking about contributing to open source wants to gauge your depth in IT. So, say yes, yes you have contributed to open source.
Photo by cottonbro studio, please support by following @pexel.com
The Attack
While there is a chance to get your program to an audience for good intentions other than to make money, others have used that same platform for malicious means. Are you interested in knowing what could be on your computer and getting up all in your network’s guts? Look no further than SSH-Snake. For those who may not know what SSH stands for, again, this is an all-inclusive platform, so we’re just being mindful of the audience.
SSH is “Secure Shell Protocol”, it’s a network protocol for operating network services securely over what is mostly an unsecured network. If you have ever worked with the command line, you’re more likely to be aware of SSH. Just know; common people mess with the Graphical User Interface (GUI), nerds, geeks, and hackers mess with the command line interface (CLI). Don’t know why they called “SSH” and not “SSP”, don’t know where the “H” came from but hey, we don’t make the script, we just read them.
Photo by Andrea Piacquadio, please support by following @pexel.com
Who Can It Be Now
SSH-Snake is known as a “self-modifying worm”. Worms are already a nightmare provided that once they’re in your system, they begin making their way to anything attached to your network. Doesn’t sound like a fun time? Trust us, it’s not. Self-modifying, as the name implies, the malware can infect a device and make alterations to its code. The best way to think of it is; code that adapts to a given situation.
Would you like to know who is using SSH-Snake? Well, we would like to know the same thing. There are instances where researchers find the tool is being used and report it right away but without finding out who. Granted, it just may not be in their scope which we can respect. Do what the job asks of you and nothing more. Ah, that good old work/life balance.
Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?
Photo by Moose Photos, please support by following @pexel.com
That Sinking Feeling
Now, how does SSH-Snake work? The malware finds your system’s cornhole (a way in), this could be done by something simple like clicking on a naughty (it’s not always naughty links but most common) link which could trigger downloading of malicious files housing SSH-Snake. Once downloading is complete, like any other worm, code is executed and now it’s free to run rampant and wreak havoc.
S-Snake(SSH-Snake) will begin collecting information from libraries, look for private keys, and shell history files, and begin spreading once the network is mapped. Other problems included are C2C. This is where all the collected information makes its way back to the threat actor’s lair for later use. SSH-Snake and worm virus have most things in common but what separates them overall is Snake’s ability to self-modify.
Photo by Josie Stephens, please support by following @pexel.com
The Prevention
Great, so now you’re wondering, “How do I protect my computer’s cornhole?” A good way to protect your system is by practicing the best security practices. Always be mindful of what you interact with on the internet as some things may not appear to be on the level. Frequently check for updates for your operating system and anti-virus software. Security is becoming more challenging because technology is getting more advanced but the more you learn, the more you can protect. That was a call for you to learn about cybersecurity in case you’re confused.
Photo by Designecologist, please support by following @pexel.com
Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.
Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.
Do you feel like there is something I may have missed on SSH-Snake? Script a comment below.
