Security News > 2022 > September > Chinese state hackers create Linux variant for SideWalk backdoor

Chinese state hackers create Linux variant for SideWalk backdoor
2022-09-14 12:07

State-backed Chinese hackers have developed a Linux variant for the SideWalk backdoor used against Windows systems belonging to targets in the academic sector.

The SideWalk Linux backdoor has been observed in the past, initially being tracked as StageClient by security researchers at cybersecurity company ESET. An early variant of the malware was spotted by researchers at 360 Netlab, the threat intelligence team at Chinese internet security company Qihoo 360, and detailed two years ago in a blog post about the Specter botnet hitting IP cameras.

After analyzing Specter and StageClient, ESET researchers determined that both malware pieces have the same root and are Linux variants of SideWalk.

ESET notes in a report today that while SideWalk Linux has been used against multiple targets in the past, their telemetry data shows that the variant they discovered was deployed against only one victim in February 2021, a university in Hong Kong.

Looking at the SideWalk variants for Linux and Windows, ESET noticed "Striking" similarities in the way they function, the implementation of multiple components, and the payloads dropped on the compromised system.

SparklingGoblin has the capabilities to develop malware adapted to its needs, as evidenced by the SideWalk Linux variant.


News URL

https://www.bleepingcomputer.com/news/security/chinese-state-hackers-create-linux-variant-for-sidewalk-backdoor/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2602 1595 67 4328