Hackers are using Discord as a command and control (C&C) platform to exploit Jupyter Notebooks and SSH. The campaign, called Qubit Strike, uses Discord's bot functionality to manage and monitor infected nodes and their mining activity. Qubit Strike is the first known malware campaign to use Codeberg as a hosting platform for its malicious code. Cado Security Labs has detected the malware and continues to monitor the campaign. The main component of Qubit Strike is a shell script called mi.sh, which performs various functions such as cryptocurrency mining, setting up persistence, and stealing credentials. Qubit Strike utilizes Discord for C&C and data exfiltration, targeting Cloud Service Provider credentials. The malware employs evasion tactics to avoid detection and spreads through SSH connections. It also deploys the Diamorphine Linux Kernel Module (LKM) rootkit. The campaign poses a multi-faceted threat and is a growing concern in the cybersecurity landscape. #hackers #DiscordC&C #malware #QubitStrike #JupyterNotebooks #SSH

https://cybersecuritynews.com/hackers-use-discord-for-cc/
