New Alchimist attack framework hits Windows, Linux and Mac.
During initialization, Alchimist places all of its content in hard-coded folders: /tmp/Res for the web interface, HTML files and more folders, and /tmp/Res/Payload for its payloads for Windows and Linux operating systems.
The Alchimist framework's user web interface is written in English and Simplified Chinese.
More such attack frameworks have been found lately.
The ease of use of such a framework will probably entice malware developers and threat actors to use more of them in the near future.
Security software should be deployed in order to detect the payloads and possible communications to Alchimist C2. The self-signed certificate used by the framework should raise immediate alerts when found in HTTPS communications.
News URL
https://www.techrepublic.com/article/alchimist-attack-framework-hits-windows-linux-mac/