China-linked hackers target Linux systems with new spying malware

  • APT
  • November 22, 2024
| Category | Details |
|---|---|
| Threat Actors | Gelsemium (China-linked state-sponsored threat actor). |
| Campaign Overview | Espionage campaign targeting Linux systems, deploying malware strains WolfsBane and FireWood. |
| Target Regions (Or Victims) | Taiwan, the Philippines, Singapore (likely targets), East Asia, Middle East. |
| Methodology | Exploiting an unknown web application vulnerability to gain access to victims’ devices. |
| Product targeted | Linux systems. |
| Malware Reference | WolfsBane (Linux backdoor), FireWood (Linux backdoor), Gelsevirine (Windows backdoor), Project Wood. |
| Tools Used | WolfsBane, FireWood (backdoors). |
| Vulnerabilities Exploited | Unknown web application vulnerability (specifics not provided). |
| TTPs | Targeting sensitive data (system information, user credentials, files), evading detection. |
| Attribution | Gelsemium (China-aligned state hackers). |
| Recommendations | Increased focus on securing Linux systems, especially internet-facing systems vulnerable to exploits. |
| Source | The Record |

Read full article: https://therecord.media/china-hackers-linux-malware-target

Disclaimer: The above summary has been generated by an AI language model.

Source: The Record

Published on: November 22, 2024
