Attacks on SSH servers through SSH tunneling
A pioneer in cloud native security has shed light on a long-standing but little-known threat to SSH servers. SSH tunneling allows threat actors to use SSH servers as a slave proxy and route traffic through them. Several months of research by Aqua's Nautilus research team revealed that cybercriminals have found a way to use SSH tunneling to create proxy pools. The cybercriminals primarily aimed at spreading SPAM, but evidence of information theft or cryptomining was also found. As part of the investigation, Team Nautilus found numerous indications that compromised…