New Alchimist attack framework hits Windows, Linux and Mac
Security News, October 2022
During initialization, the framework places all of its content in hard-coded folders, namely /tmp/Res for the web interface, HTML files and more folders, and /tmp/Res/Payload for its Windows and Linux payloads.
The Alchimist framework's user web interface is written in English and Simplified Chinese.
More such attack frameworks have been found lately.
The ease of use of such a framework will probably entice malware developers and threat actors to use more of them in the near future.
Security software should be deployed in order to detect the payloads and possible communications to Alchimist C2. The self-signed certificate used by the framework should raise immediate alerts when found in HTTPS communications.
News URL
https://www.techrepublic.com/article/alchimist-attack-framework-hits-windows-linux-mac/