Backdoor RAT for Windows, macOS, and Linux went undetected until now

by Dan Goodin, from Ars Technica

Researchers have uncovered a never-before-seen backdoor malware written from scratch for systems running Windows, macOS, or Linux that remained undetected by virtually all malware scanning engines.

Researchers from security firm Intezer said they discovered SysJoker (the name they gave the backdoor malware) on the Linux-based Webserver of a "leading educational institution." As the researchers dug in, they found SysJoker versions for both Windows and macOS as well. They suspect the cross-platform RAT (short for remote access trojan) was unleashed in the second half of last year.

The discovery is significant for several reasons. First, fully cross-platform malware is something of a rarity, with most malicious software being written for one specific operating system. The RAT was also written from scratch and made use of four separate command-and-control servers, an indication that the people who developed and used it were part of an advanced threat actor that invested significant resources. It's also unusual for previously unseen Linux malware to be found in a real-world attack.
