GBHackers reports:
OpenSSH has become a standard tool for secure remote management on both Linux and Windows systems.
Since its inclusion as a default component in Windows 10 version 1803, attackers have increasingly exploited its presence, leveraging it as a “Living Off the Land Binary” (LOLBIN).
This means adversaries use trusted system tools
ssh.exeto evade detection and establish persistent access.A recent malware sample, disguised as
dllhost.exe, demonstrates this abuse.
Read more at GBHackers.