Backdoor for Windows, macOS, and Linux went undetected until now


Researchers have found a previously unseen backdoor, written from scratch for Windows, macOS, and Linux machines, that had gone undetected by malware-scanning engines.

Researchers from security company Intezer said they found SysJoker, the name they gave the backdoor, on the Linux-based web server of an “advanced learning team.” As the researchers dug in, they also found SysJoker versions for Windows and macOS. They suspect that the malware was released in the second half of last year.

The discovery is significant for a number of reasons. First, cross-platform malware is rare; most malicious programs are written for a specific platform. The backdoor was also written from scratch and used four different command-and-control servers, indicating that the people who created and used it are an advanced threat actor with significant resources. It is also rare for previously undetected Linux malware to be found in a real attack.

Analyses of the Windows version (by Intezer) and the Mac version (by researcher Patrick Wardle) found that SysJoker offers advanced backdoor capabilities. The executable files for both the Windows and macOS versions had the suffix .ts. Intezer said this could be an indication that the file masqueraded as a TypeScript app spread after being sneaked into the npm JavaScript repository. Intezer went on to say that SysJoker disguises itself as a system update.

Wardle, meanwhile, said the .ts extension could indicate that the file masqueraded as video transport stream content. He also found that the macOS file was digitally signed, though only with an ad-hoc signature.
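
A defender-side check for the masquerade described above, added here as an example and not taken from the article, Intezer, or Wardle: it classifies `*.ts` files by their leading bytes and reports any that are native executables rather than TypeScript text or an MPEG transport stream. The function names and the sample files are constructed for illustration.

```python
import os
import tempfile

# Leading magic bytes of native executables (standard format constants).
EXEC_MAGIC = {b"MZ": "PE", b"\x7fELF": "ELF",
              b"\xcf\xfa\xed\xfe": "Mach-O 64-bit",
              b"\xca\xfe\xba\xbe": "Mach-O universal"}  # also Java class magic
TS_PACKET, TS_SYNC = 188, 0x47  # MPEG transport stream packet size, sync byte

def classify_ts(path):
    """Say what a *.ts file really holds, judged by its first bytes."""
    with open(path, "rb") as fh:
        head = fh.read(TS_PACKET * 3)
    for magic, kind in EXEC_MAGIC.items():
        if head.startswith(magic):
            return "executable: " + kind
    # A genuine transport stream repeats the sync byte every 188 bytes.
    if len(head) == TS_PACKET * 3 and all(
            head[i] == TS_SYNC for i in range(0, len(head), TS_PACKET)):
        return "mpeg-ts"
    # TypeScript source is text; binaries almost always contain NUL bytes.
    if head and b"\x00" not in head:
        return "text"
    return "unknown"

def find_disguised(root):
    """Return sorted (file name, kind) for *.ts files that are executables."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in (f for f in files if f.lower().endswith(".ts")):
            kind = classify_ts(os.path.join(dirpath, name))
            if kind.startswith("executable"):
                hits.append((name, kind))
    return sorted(hits)

def demo():
    """Scan constructed samples (not real SysJoker files) in a temp dir."""
    samples = {"app.ts": b"export const n: number = 1;\n",
               "clip.ts": (b"\x47" + b"\x00" * 187) * 3,
               "update.ts": b"MZ" + b"\x00" * 62,
               "helper.ts": b"\xcf\xfa\xed\xfe" + b"\x00" * 28}
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return find_disguised(root)

if __name__ == "__main__":
    print(demo())
```

A hit only means the extension does not match the content; the file still needs triage before it is treated as malicious.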

SysJoker is written in C++, and as of Tuesday, the Linux and macOS versions were fully undetected on the VirusTotal malware search engine. The backdoor generates its control-server domain by decoding a string retrieved from a file hosted on Google Drive. During the time the researchers were analyzing it, the server changed three times, indicating that the attacker was active and monitoring for infected machines.

Based on the organizations targeted and the malware's behavior, Intezer’s assessment is that SysJoker is after specific targets, possibly with the aim of “spying along with side-by-side operations that could re-launch ransomware attacks as the next step.”

