The Linux Trojan Linux.PNScan is back and it is actively targeting routers based on x86 Linux in an attempt to install backdoors on them. Malware experts from Malware Must Die! discovered a new strain of malware that emerged more than a year ago. The threat targets specific IP addresses and attempts to establish an SSH connection by using the following credentials:combinations:root root root root, root admin;root;ro;rougeroot;professor;admin;uberge;ubnt.com on port 443 to hide its malicious traffic. The malware researchers who analyzed the threat suggest it might be of Russian origin.”]
Source: https://securityaffairs.co/wordpress/50607/malware/linux-pnscan-return.html