Kobalos Malware
The Kobalos Malware is a newly identified threat that appears to go after big targets such as supercomputers owned by various Internet Service Providers, security vendors and private companies. The malware has been active in Asia and the United States, so it would appear that its operators are going after targets worldwide. So far, all copies of the Kobalos Malware were only compatible with the Linux operating system. Still, researchers report that its codebase could be altered to go after Microsoft Windows servers as well.
The Kobalos implant behaves like a backdoor Trojan, but researchers say that its operators could modify its properties easily to fulfills different purposes. For example, the Kobalos Malware has the ability to turn the infected device in a Command-and-Control server by building a new payload on-the-spot. In addition to this, it often introduces secondary malware to sniff out SSH credentials and then try to use them to infect other devices in the same network. The backdoor functionality of Kobalos allows its operators to execute remote commands, access files, and more.
All reports show that the Kobalos Malware is a very advanced project, which is likely to be cross-platform compatible. These reasons are enough to suspect that a high-profile Advanced Persistent Threat (APT) actor might be behind the campaign. However, the Kobalos implant is yet to be linked to any of the APT groups operating in the regions that this malware targets.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.