Enlarge (credit: Jeremy Brooks / Flickr)
Researchers have uncovered a never-before-seen backdoor malware written from scratch for systems running Windows, macOS, or Linux that remained undetected by virtually all malware scanning engines.
Researchers from security firm Intezer said they discovered SysJoker—the name they gave the backdoor malware—on the Linux-based Webserver of a “leading educational institution.” As the researchers dug in, they found SysJoker versions for both Windows and macOS as well. They suspect the cross-platform RAT—short for remote access trojan—was unleashed in the second half of last year.
The discovery is significant for several reasons. First, fully cross-platform malware is something of a rarity, with most malicious software being written for one specific operating system. The RAT was also written from scratch and made use of four separate command-and-control servers, an indication that the people who developed and used it were part of an advanced threat actor that invested significant resources. It’s also unusual for previously unseen Linux malware to be found in a real-world attack.
Read 6 remaining paragraphs | Comments