PumaBot Botnet Hacks IoT Devices via SSH Attacks

A newly identified Linux-based botnet known as PumaBot is targeting embedded Internet of Things (IoT) devices by brute-forcing SSH credentials, according to cybersecurity researchers. Written in the Go programming language, PumaBot is designed to infiltrate vulnerable systems and deploy malicious payloads after gaining unauthorized access.

The malware specifically targets devices with weak or default SSH login credentials, exploiting these entry points to expand its reach across connected networks. Once access is obtained, PumaBot installs its payload, potentially enabling remote control, data theft, or further propagation of the botnet.

The discovery of PumaBot highlights the persistent threat posed by botnets to connected devices, particularly those running Linux-based operating systems. Security experts warn that embedded IoT systems, often overlooked in enterprise security strategies, remain a favored target due to limited defenses and outdated firmware.

Organizations are advised to strengthen SSH configurations and implement robust credential policies to mitigate exposure to such brute-force attacks.