Tech »  Topic »  PumaBot Malware Targets Linux IoT Devices

PumaBot Malware Targets Linux IoT Devices

1 week, 3 days ago   bankinfosecurity

Stealthy Malware Installs Cryptomining Software Prajeet Nair (@prajeetspeaks) • May 28, 2025

A puma photographed in captivity in Goias, Brazil. (Image: Leonardo Mercon/Shutterstock)

A botnet targeting Internet of Things devices running on the Linux operating system works by brute forcing credentials and downloading cryptomining software.

See Also: OnDemand | Navigate the threat of AI-powered cyberattacks

Researchers from Darktrace christened the botnet "PumaBot," since its malware checks for the string "Pumatronix." That's the name of a Brazilian manufacturer of surveillance and traffic camera systems, "suggesting potential IoT targeting or an effort to evade specific devices." The bot also fingerprints the environment to avoid honeypots or restricted shells.

Unusually for a botnet, the malware doesn't scan the internet for opportunistic targets. Rather, it connects to a command and control server that delivers a list of IP addresses of devices that likely have open SSH ports. The domain associated with the server ...


Copyright of this story solely belongs to bankinfosecurity . To see the full text click HERE

More related news