Security News > 2022 > January > New SysJoker backdoor targets Windows, macOS, and Linux

New SysJoker backdoor targets Windows, macOS, and Linux
2022-01-11 15:04

A new multi-platform backdoor malware named 'SysJoker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems.

The discovery of the new malware comes from researchers at Intezer who first saw signs of its activity in December 2021 after investigating an attack on a Linux-based web server.

The malware is written in C++, and while each variant is tailored for the targeted operating system, they are all undetected on VirusTotal, an online malware scanning site that uses 57 different antivirus detection engines.

Execute the payload. The malware then sleeps for up to two minutes before creating a new directory and copies itself as an Intel Graphics Common User Interface Service.

After gathering system and network data, the malware will create persistence by adding a new registry key.

From there, the C2 may instruct the backdoor to install additional malware, run commands on the infected device, or command the backdoor to remove itself from the device.


News URL

https://www.bleepingcomputer.com/news/security/new-sysjoker-backdoor-targets-windows-macos-and-linux/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2602 1595 67 4328