Linux Support Expands Cyber Spy Groups Arsenal

  /     /     /  
Publicated : 23/11/2024   Category : security


Linux Support Expands Cyber Spy Groups Arsenal


An infamous Chinese cyber-hacking team has extended its SysUpdate malware framework to target Linux systems.



A pervasive cyber-espionage group known as Iron Tiger, believed to be out of China, has updated one of its malware frameworks to attack Linux-based systems.
Researchers at Trend Micro recently discovered that Iron Tiger (aka Emissary Panda or APT27) had added new features to its so called SysUpdate malware family, which allows it to infect Linux platforms in addition to Windows. SysUpdate abuses system services, grabs screenshots, browses and terminates processes, retrieves drive information, executes commands, and can find, delete, rename, upload, and download files as well as peruse a victims file directory.
One other new feature the firm found with the newest version of SysUpdate: command-and-control communications via DNS TXT requests. While DNS is not supposed to be a communication protocol, the attacker abuses this protocol to send and receive information, the researchers
wrote in a blog post about their findings
.
Iron Tiger was among a group of five cyber-espionage groups
flagged in 2020 by BlackBerry
 as targeting Linux-based systems.

Last News

▸ Some DLP Products Vulnerable to Security Holes ◂
Discovered: 23/12/2024
Category: security

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Linux Support Expands Cyber Spy Groups Arsenal