In one attack chain, a Bash script retrieved from 0x0[.]st was used to install TinyProxy via common package managers like apt, yum, or dnf. The script then modified configuration files to allow unrestricted external access (Allow 0.0.0.0/0), exposing the proxy service on port ...

In one attack chain, a Bash script retrieved from 0x0[.]st was used to install TinyProxy via common package managers like apt, yum, or dnf. The script then modified configuration files to allow unrestricted external access (Allow 0.0.0.0/0), exposing the proxy service on port ...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/linux-ssh-servers-compromised-to-deploy-proxies