Security News > 2020 > December > New Windows malware may soon target Linux, macOS devices
Newly discovered Windows info-stealing malware linked to an active threat group tracked as AridViper shows signs that it might be used to infect computers running Linux and macOS. The new trojan, dubbed PyMICROPSIA by Unit 42, was discovered while investigating AridViper activity, a group of Arabic speaking cyberspies focusing their attacks on Middle Eastern targets since at least 2011.
While PyMICROPSIA is a Python-based malware that specifically targets Windows systems using a Windows binary generated using PyInstaller, Unit 42 has also found code snippets showing that its creators are potentially working on adding multi-platform support.
"PyMICROPSIA is designed to target Windows operating systems only, but the code contains interesting snippets checking for other operating systems, such as 'posix' or 'darwin'," as Unit 42 said.
PyMICROPSIA makes use of Python libraries for a wide range of purposes, ranging from information and file theft to Windows process, file system, and registry interaction.
Based on the connections found by Unit 42 between PyMICROPSIA and AridViper's MICROPSIA malware, this threat actor "Maintains a very active development profile, creating new implants that seek to bypass the defenses of their targets."
News URL
Related news
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile (source)
- Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems (source)
- FBI wipes Chinese PlugX malware from thousands of Windows PCs in America (source)
- North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS (source)
- New Microsoft script updates Windows media with bootkit malware fixes (source)
- XCSSET macOS malware returns with first new version since 2022 (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
- Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics (source)
- The XCSSET info-stealing malware is back, targeting macOS users and devs (source)