Security News > 2021 > March > Linux Systems Under Attack By New RedXOR Malware
Researchers have discovered a new backdoor targeting Linux systems, which they link back to the Winnti threat group.
The latter fact provides a clue that RedXOR is utilized in targeted attacks against legacy Linux systems, noted researchers.
RedXOR creates a hidden folder inside a home folder, which is then utilized to store files related to the malware.
Researchers said they found "Key similarities" between RedXOR and other previously reported malware that is associated with Winnti: the PWNLNX backdoor, the XOR.DDOS botnet and the Groundhog botnet.
Researchers said that 2020 saw a 40-percent increase in new Linux malware families - a new record at 56 malware strains.
"Linux systems are under constant attack given that Linux runs on most of the public cloud workload," said Intezer researchers.
News URL
https://threatpost.com/linux-systems-redxor-malware/164689/
Related news
- Ivanti zero-day attacks infected devices with custom malware (source)
- WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites (source)
- IPany VPN breached in supply-chain attack to push custom malware (source)
- MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks (source)
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)
- Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations (source)