Over 10,000 Linux Servers Infected by SystemBC Botnet Variant
First seen 4 Feb 2026, 20:59 UTC
•



+1
•85% similarity
•30.6
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A new Linux variant of the SystemBC remote access trojan has infected over 10,000 IP addresses worldwide, primarily targeting web servers. Discovered by Silent Push, the compromised servers include those hosting government websites and are being exploited for cybercrime activities. Despite previous disruptions to its infrastructure in May 2024, SystemBC remains active and continues to function as a multi-platform proxy for malicious traffic.
ThreatCluster AI