FritzFrog is a Linux worm which compromises and takes control of Linux computers by submitting multiple login attempts on the Secure Shell (SSH), known as brute force password cracking.
A successful attack turns the targeted server into a new node of the botnet. This node is now enlisted to mine the Monero crypto currency and do brute force password cracking on other servers.
Guardicore discovered and documented the malware in full.
Should I Do Anything?
For a Christian, two scriptures from Paul spring to mind when considering what steps one should take in this situation:
“Whether therefore ye eat, or drink, or whatsoever ye do, do all to the glory of God” -1 Corinthians 10:31
And
“Servants, obey in all things your masters according to the flesh; not with eyeservice, as menpleasers; but in singleness of heart, fearing God: And whatsoever ye do, do it heartily, as to the Lord, and not unto men;” -Colossians 3:22-23
You must take steps to ensure that you are secured from this attack if you are responsible for any Linux server(s).
There was a good result, very recently, for a case taken by Heritage Valley Health System (HVHS) against service provider Nuance, whose NotPetya infected servers, in turn, infected HVHS systems. The three-year court case was finally dismissed!
While you might win your case in court, the cost of a lengthy legal battle could still bankrupt you or put you out of business.
How Do I Do It?
The “secure” in “secure shell” (SSH) refers to authentication and other traffic being encrypted in transit so it cannot be eavesdropped on. The secure shell needs further securing to protect against these kinds of attacks.
There is a step by step guide on doing this on GoLinuxCloud
