
RedXOR Malware

Posted: March 11, 2021

Cybersecurity researchers have discovered a previously unseen malware family hosted in corrupted files uploaded to a popular online file scanning service. The threat, dubbed RedXOR Malware, was found on systems in Taiwan and Indonesia, and it appears to target Linux-based devices. What is worrisome about the threat is that it works as a backdoor with a very rich feature set: its operators are given practically full control over the compromised system. They gain the ability to manage the file system, download files, install Web shells and more.

In addition to being rich in features, the RedXOR Malware can be very stealthy: if it manages to run with elevated permissions, it may hide its processes entirely, making it difficult to identify manually.

The development and use of the RedXOR Malware are attributed to the WINNTI Group (also known as APT41), a China-based threat actor that has previously been involved in attacks against companies operating in the software and game development industries.

In the past, Linux-compatible malware was a very rare occurrence, but things have changed over the past couple of years. Nowadays, malware running on Linux is not unheard of, and the threat developers building these projects continue to hone their skills and create more capable malware families. Just like Windows systems, Linux systems also need to be protected by additional security software and measures.
