Chinese hackers target Linux with malware update

Chinese state-backed hackers APT27, also known as Iron Tiger, have developed a malware toolkit called SysUpdate that targets devices running the Linux operating system. The criminals, who specialise in cyber espionage, are part of a Chinese cybercrime syndicate called TiltedTemple that has been going after targets across Europe.



Earlier versions of the malware toolkit SysUpdate are designed to evade security software and resist reverse engineering, and this latest version could be more dangerous than ever, new research suggests.


Chinese APT cyber espionage gang releases malware tool


The Chinese cyber espionage gang is also tracked as Bronze Union, Emissary Panda and Lucky Mouse, and is known to use another piece of Linux malware called rshell, as well as SysUpdate.


The new malware variant now uses five files in its infection routine instead of the usual three. A report by security company Trend Micro details that some of the other rootkits APT27 uses are also new.


SysUpdate has fallen out of favour among hackers in recent years, the report says, but has now been uncovered once more with new and improved Linux capabilities. This could be in part due to the current resurgence in popularity of malware targeting Linux, which can be found on the majority of the world’s mobile devices as well as PCs.


APT27: ‘Iron Tiger’ back in the spotlight


Iron Tiger is known for carrying out cyber espionage on behalf of the Chinese government. It was first spotted in 2009 and typically targets governments, defence companies and critical national infrastructure in Asia, America and the Middle East.


It operates as part of a larger syndica ..
