Key Findings A new Linux botnet called SSHStalker has been discovered, leveraging IRC for command-and-control (C2) purposes The botnet combines old-school 2009-era Linux kernel exploits with automated mass-compromise techniques to infect around 7,000 systems, primarily cloud servers Unlike typical botnets focused on DDoS attacks or cryptocurrency mining, SSHStalker maintains persistent access without immediate follow-on activities, suggesting potential infrastructure staging
