zCat on Nostr: Chinese hackers target Linux with new WolfsBane malware A new Linux backdoor called ...
Chinese hackers target Linux with new WolfsBane malware
A new Linux backdoor called 'WolfsBane' has been discovered, believed to be a port of Windows malware used by the Chinese 'Gelsemium' hacking group.
ESET security researchers who analyzed WolfsBane report that WolfsBane is a complete malware tool featuring a dropper, launcher, and backdoor, while it also uses a modified open-source rootkit to evade detection.
The researchers also discovered 'FireWood,' another Linux malware that appears linked to the 'Project Wood' Windows malware.
However, FireWood is more likely a shared tool used by multiple Chinese APT groups rather than an exclusive/private tool created by Gelsemium.
See more
BleepingComputer:
https://www.bleepingcomputer.com/news/security/chinese-gelsemium-hackers-use-new-wolfsbane-linux-malware/
Infosecurity magazine:
https://www.infosecurity-magazine.com/news/linux-malware-wolfsbane-firewood/
#cybersecurity #malware #linux
A new Linux backdoor called 'WolfsBane' has been discovered, believed to be a port of Windows malware used by the Chinese 'Gelsemium' hacking group.
ESET security researchers who analyzed WolfsBane report that WolfsBane is a complete malware tool featuring a dropper, launcher, and backdoor, while it also uses a modified open-source rootkit to evade detection.
The researchers also discovered 'FireWood,' another Linux malware that appears linked to the 'Project Wood' Windows malware.
However, FireWood is more likely a shared tool used by multiple Chinese APT groups rather than an exclusive/private tool created by Gelsemium.
See more
BleepingComputer:
https://www.bleepingcomputer.com/news/security/chinese-gelsemium-hackers-use-new-wolfsbane-linux-malware/
Infosecurity magazine:
https://www.infosecurity-magazine.com/news/linux-malware-wolfsbane-firewood/
#cybersecurity #malware #linux