
New Alchimist attack framework targets Windows, macOS, Linux
2022-10-13 12:00

Cybersecurity researchers have discovered a new attack and C2 framework called 'Alchimist,' which appears to be actively used in attacks targeting Windows, Linux, and macOS systems.

Alchimist offers a web-based interface written in Simplified Chinese, and it is very similar to Manjusaka, a recently emerged post-exploitation attack framework growing popular among Chinese hackers.

Alchimist gives operators an easy-to-use framework that lets them generate and configure payloads placed on infected devices to remotely take screenshots, run arbitrary commands, and perform remote shellcode execution.

Insikt doesn't work on macOS yet, so Alchimist covers this gap using a Mach-O file, a 64-bit executable written in GoLang that contains an exploit for CVE-2021-4034.

Alchimist offers the same exploit for the Linux platform, too, as long as pkexec is installed on the system.

Alchimist is another attack framework available to cybercriminals who don't have the knowledge or capacity to build all the components required for sophisticated cyberattacks.


News URL

https://www.bleepingcomputer.com/news/security/new-alchimist-attack-framework-targets-windows-macos-linux/

Related Vulnerability

DATE | CVE | VULNERABILITY TITLE | RISK
2022-01-28 | CVE-2021-4034 | Out-of-bounds Write vulnerability in multiple products. A local privilege escalation vulnerability was found on polkit's pkexec utility. | 7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 17 384 2365 1508 667 4924