Security News > 2021 > March > Linux Systems Under Attack By New RedXOR Malware
Researchers have discovered a new backdoor targeting Linux systems, which they link back to the Winnti threat group.
The latter fact provides a clue that RedXOR is utilized in targeted attacks against legacy Linux systems, noted researchers.
RedXOR creates a hidden folder inside a home folder, which is then utilized to store files related to the malware.
Researchers said they found "Key similarities" between RedXOR and other previously reported malware that is associated with Winnti: the PWNLNX backdoor, the XOR.DDOS botnet and the Groundhog botnet.
Researchers said that 2020 saw a 40-percent increase in new Linux malware families - a new record at 56 malware strains.
"Linux systems are under constant attack given that Linux runs on most of the public cloud workload," said Intezer researchers.
News URL
https://threatpost.com/linux-systems-redxor-malware/164689/
Related news
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)
- Chinese hackers target Linux with new WolfsBane malware (source)
- Researchers discover first UEFI bootkit malware for Linux (source)
- BootKitty UEFI malware exploits LogoFAIL to infect Linux systems (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- New stealthy Pumakit Linux rootkit malware spotted in the wild (source)
- Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms (source)
- FBI spots HiatusRAT malware attacks targeting web cameras, DVRs (source)
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)