RTM Locker Ransomware Targets Linux Architecture
A new ransomware binary targeting Linux systems has been attributed to the ransomware-as-a-service (RaaS) RTM group.
Discover Hacks/Cracks News
Chinese Hackers Spotted Using Linux Variant of PingPull in Targeted Cyberattacks
The Chinese nation-state group dubbed Alloy Taurus is using a Linux variant of a backdoor called PingPull as well as a new undocumented tool codenamed Sword2033.
Lazarus Hackers’ Linux Malware Linked to 3CX Supply-Chain Attack
New cyber research connects the infamous North Korea-aligned Lazarus Group behind the Linux malware attack called Operation DreamJob to the 3CX supply-chain attack.
Chinese Hackers Use New Linux Malware Variants for Espionage
Hackers are deploying new Linux malware variants in cyberespionage attacks, such as a new PingPull variant and a previously undocumented backdoor tracked as 'Sword2033.'
Chinese Hackers Using KEYPLUG Backdoor to Attack Windows & Linux Systems
It has been reported by the Recorded Future’s Insikt Group that RedGolf, a Chinese state-sponsored threat actor group, was using a backdoor designed especially for Windows and Linux systems called KEYPLUG to infiltrate networks.
Researcher Creates Polymorphic Blackmamba Malware with ChatGPT
The ChatGPT-powered Blackmamba malware, which can operate on macOS, Windows, and Linux systems, works as a keylogger, with the ability to send stolen credentials through Microsoft Teams.
New Variant of the IceFire Ransomware Targets Linux Enterprise Systems
A novel Linux version of the IceFire ransomware that exploits a vulnerability in IBM's Aspera Faspex file-sharing software has been identified by SentinelLabs, a research division of cybersecurity company Sentinel One. The exploit is for CVE-2022-47986, a recently patched Aspera Faspex vulnerability.
IceFire Ransomware Now Encrypts Both Linux and Windows Systems
Threat actors linked to the IceFire ransomware operation now actively target Linux systems worldwide with a new dedicated encryptor. SentinelLabs security researchers found that the gang has breached the networks of several media and entertainment organizations around the world in recent weeks, starting mid-February, according to a report shared in advance with BleepingComputer.
SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics
The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on its ability to target devices running the operating system.
Iron Tiger Hackers Create Linux Version of Their Custom Malware
The APT27 hacking group, aka "Iron Tiger," has prepared a new Linux version of its SysUpdate custom remote access malware, allowing the Chinese cyberespionage group to target more services used in the enterprise.
