New Alchimist attack framework targets Windows, macOS, Linux
Cybersecurity researchers have discovered a new attack and C2 framework called 'Alchimist,' which appears to be actively used in attacks targeting Windows, Linux, and macOS systems.
Alchimist offers a web-based interface using the Simplified Chinese language, and it's very similar to Manjusaka, a recently emerged post-exploitation attack framework growing popular among Chinese hackers.
Alchimist gives operators an easy-to-use framework that lets them generate and configure payloads placed on infected devices to remotely take screenshots, run arbitrary commands, and perform remote shellcode execution.
Insekt doesn't work on macOS yet, so Alchimist covers this gap using a Mach-O file, a 64-bit executable written in GoLang that contains an exploit for CVE-2021-4034.
Alchimist offers the same exploit for the Linux platform, too, as long as pkexec is installed on the system.
Alchimist is another attack framework available to cybercriminals who don't have the knowledge or capacity to build all the components required for sophisticated cyberattacks.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK (CVSS) |
---|---|---|---|
2022-01-28 | CVE-2021-4034 | Out-of-bounds Write vulnerability in multiple products: a local privilege escalation vulnerability was found on polkit's pkexec utility. | 7.8 |