SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

The SSHStalker botnet uses IRC for command and control (C2) and exploits legacy Linux kernel vulnerabilities to gain access and maintain persistent, dormant control over systems. It spreads with a Golang scanner and uses log-cleaning tools and a ‘keep-alive’ component to evade detection.

Edward Kiledjian @ekiledjian