A Chinese-developed Go-based backdoor called Supershell is targeting poorly managed Linux SSH servers. The malware, which supports multiple platforms, primarily functions as a reverse shell for remote system control. Attackers use dictionary attacks from various IP addresses to gain access, then install Supershell directly or via a downloader script. The malware is downloaded from web and FTP servers. While Supershell is the initial payload for control hijacking, XMRig Monero CoinMiners are often installed alongside it, suggesting cryptocurrency mining as the ultimate goal. To protect against such attacks, administrators should use strong passwords, update systems regularly, and implement security measures like firewalls.