Malware
BruteEntry
BruteEntry is a Linux malware family operated by UAT-9244.
Background
Cisco Talos reports that BruteEntry is a Go-based ELF malware family that turns compromised Linux systems, especially edge devices, into operational relay boxes for large-scale credential brute forcing. It pairs a daemon-like agent with a Go "instrumentor" that keeps the agent running; the agent then registers with a command-and-control server and is tasked with lists of target hosts and service types. Drawing on embedded credential lists, BruteEntry methodically attempts logins against services like SSH, PostgreSQL databases, and application servers, and reports back detailed success or failure results. Spreading its scanning and brute-force workload across many infected nodes lets BruteEntry deliver resilient, outsourced access acquisition for the operator's larger intrusion campaigns.
Source: Malpedia (Fraunhofer FKIE).