Chinese hackers using RedXOR backdoor against Linux systems


RedXOR is incredibly extensive malware that can steal data and gather system information such as the MAC address, username, clock speed, distribution, and kernel version.

Chinese state-sponsored hackers have been pretty active lately. Just last week Microsoft revealed that its Exchange email server was targeted by Chinese hackers, leaving 30,000 organizations across the globe at risk. This includes the European Banking Authority (EBA), which has already acknowledged that hackers were in its email system.




But now, another group of Chinese state-sponsored hackers has been found using a new Linux malware capable of stealing personal data and browsing data from a targeted system.


Chinese State-Sponsored Hackers Deploying RedXOR on Legacy Linux Systems


The IT security researchers at Intezer have discovered that hackers are targeting legacy Linux systems with RedXOR malware, which was developed by Chinese state-sponsored hackers.


It is worth noting that Linux systems are regularly targeted because most of the public cloud workload is run on these systems.



“Linux systems are under constant attack given that Linux runs on most of the public cloud workload. Along with botnets and cryptominers, the Linux threat landscape is also home to sophisticated threats like RedXOR developed by nation-state actors.” 


“Based on victimology, as well as similar components and Tactics, Techniques, and Procedures (TTPs), we believe RedXOR was developed by high profile Chinese threat actor ..
