Monday, September 18, 2023

Chinese hackers have unleashed a never-before-seen Linux backdoor


Trojan horse on top of blocks of hexadecimal programming codes. Illustration of the concept of online hacking, computer spyware, malware and ransomware.

Enlarge

Researchers have discovered a never-before-seen backdoor for Linux that’s being used by a threat actor linked to the Chinese government.

The new backdoor originates from a Windows backdoor named Trochilus, which was first seen in 2015 by researchers from Arbor Networks, now known as Netscout. They said that Trochilus executed and ran only in memory, and the final payload never appeared on disks in most cases. That made the malware difficult to detect. Researchers from NHS Digital in the UK have said Trochilus was developed by APT10, an advanced persistent threat group linked to the Chinese government that also goes by the names Stone Panda and MenuPass.

Other groups eventually used it, and its source code has been available on GitHub for more than six years. Trochilus has been seen being used in campaigns that used a separate piece of malware known as RedLeaves.

Read 8 remaining paragraphs | Comments

Reference : https://ift.tt/HoqKmvp
-
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

ChatGPT’s success could have come sooner, says former Google AI researcher

In 2017, eight machine-learning researchers at Google released a groundbreaking research paper called Attention Is All You Need , which in...