Mélofée: The Latest Malware Targeting Linux Servers
1 min read
Mar 31, 2023
ExaTrack, a France-based cybersecurity firm, has discovered a “novel” malware, which they have named Mélofée. According to the researchers, this malware is specifically targeting Linux servers and is believed to be operated by an unidentified Chinese state-backed APT group.
The researchers have linked this malware to the notorious Winnti group with high confidence. “We linked with high confidence this malware to Chinese state-sponsored APT groups, in particular the notorious Winnti group,” researchers said in a blog post.
According to THN’s report, the malware has also been linked to another state-sponsored APT group called Earth Berberoka (or GamblingPuppet), which mainly targets gambling websites in China and has been active since 2020. The group uses multi-platform malware such as Pupy RAT and HelloBot.
The malware’s capabilities include a kernel-mode rootkit, which is based on an open-source project called Reptile. The rootkit has limited features, as it mainly installs a hook designed to keep itself hidden.
Related Articles
1 - 0 min read
KDE Issues Warning After Theme Wipes Linux Users
1 - 0 min read
Ubuntu Tool Could Trick Users Into Installing Rogue Packages
1 - 0 min read
8220 Hacker Group Attacking Windows & Linux Web Servers
1 - 0 min read
New SLAM Attack Threatens Future CPUs Security
