Security News > 2022 > October > New Alchimist attack framework targets Windows, macOS, Linux

Cybersecurity researchers have discovered a new attack and C2 framework called 'Alchimist,' which appears to be actively used in attacks targeting Windows, Linux, and macOS systems.
Alchimist offers a web-based interface in Simplified Chinese and closely resembles Manjusaka, a recently emerged post-exploitation framework that has been gaining popularity among Chinese hackers.
Alchimist gives operators an easy-to-use framework for generating and configuring payloads that are deployed to infected devices, from which they can remotely take screenshots, run arbitrary commands, and execute shellcode.
Insekt, the implant Alchimist generates, doesn't support macOS yet, so Alchimist covers this gap with a Mach-O file: a 64-bit executable written in GoLang that contains an exploit for CVE-2021-4034.
Alchimist offers the same exploit for the Linux platform, too, as long as pkexec is installed on the system.
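A defender-side check for the Linux condition described above, added here as an example (it is not code from the article or from the Alchimist framework): it classifies whether a host still exposes the setuid pkexec that the CVE-2021-4034 path needs, and prints the interim mitigation polkit distributors documented. It assumes pkexec lives at /usr/bin/pkexec unless another path is passed.

```shell
#!/bin/sh
# Added example, not code from the article or the Alchimist framework.
# Classifies a host's exposure to the pkexec privilege-escalation path
# (CVE-2021-4034) that the article says Alchimist's Linux payload relies on.
# Assumed default path /usr/bin/pkexec; pass another path to override.

# Prints one of: absent | not-setuid | setuid
#   absent      no binary at the path, so the exploit has nothing to abuse
#   not-setuid  binary present but cannot escalate (setuid bit is clear)
#   setuid      binary is setuid: verify the vendor patch is installed or mitigate
pkexec_exposure() {
    path="${1:-/usr/bin/pkexec}"
    if [ ! -f "$path" ]; then
        echo "absent"
        return 0
    fi
    # POSIX test -u: true when the setuid bit is set on the file
    if [ -u "$path" ]; then
        echo "setuid"
    else
        echo "not-setuid"
    fi
}

# Interim mitigation published by polkit distributors: strip the setuid bit so
# pkexec cannot be used to gain root (this also disables normal pkexec use).
# The command is printed for review, not executed.
pkexec_mitigation_hint() {
    path="${1:-/usr/bin/pkexec}"
    echo "chmod 0755 $path"
}

# Human-readable report; the version string is shown for patch-level triage only,
# since distributions backport the fix without changing the upstream version.
pkexec_report() {
    path="${1:-/usr/bin/pkexec}"
    state="$(pkexec_exposure "$path")"
    echo "pkexec at $path: $state"
    if [ "$state" = "setuid" ]; then
        echo "version: $("$path" --version 2>/dev/null || echo unknown)"
        echo "mitigation if unpatched: $(pkexec_mitigation_hint "$path")"
    fi
}

pkexec_report "$@"
```

A "setuid" result is not proof of vulnerability: confirm the distribution's patched package before applying the chmod, which also breaks legitimate pkexec use.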
Alchimist is another attack framework available to cybercriminals who don't have the knowledge or capacity to build all the components required for sophisticated cyberattacks.
Related Vulnerability

| DATE | CVE | VULNERABILITY TITLE | RISK (CVSS score) |
|---|---|---|---|
| 2022-01-28 | CVE-2021-4034 | Out-of-bounds write vulnerability in multiple products: a local privilege escalation vulnerability was found in polkit's pkexec utility. | 7.8 |