This new malware wants to create backdoors and targets Windows, Linux and macOS

16 January 2022 | 12:25 Code : 23337 news
visits:335
Researchers uncovered SysJoker when investigating another cyberattack - and warn that it's likely the work of an advanced hacking operation with the aim of espionage.

Cybersecurity researchers have uncovered a new form of malware that can create backdoors on Windows, Linux and macOS operating systems, providing hackers with full access to compromised systems. 

The malware has been detailed by researchers at Intezer, who have named it SysJoker. It was discovered while they were investigating an attack against a Linux-based web server at an undisclosed educational institution in December. SysJoker wasn't the malware behind the attack being investigated – but it was already present on the servers. 


The nature of SysJoker and the way it's designed to provide a backdoor into systems – with the ability to run commands, download and upload files – suggests the goal for those delivering it could be espionage, but it could also be utilised as a tool for delivering additional malware to compromised systems.

SEE: A winning strategy for cybersecurity (ZDNet special report)

"Based on the malware's capabilities we assess that the goal of the attack is espionage together with lateral movement that might also lead to a ransomware attack as one of the next stages," Avigayil Mechtinger, cybersecurity researcher at Intezer, told ZDNet. 

SysJoker compromises victim devices by masquerading as a system update for Linux and MacOS, while in the Windows version it masquerades as Intel drivers. It's unclear how the phoney driver updates are delivered to victims, but the nature of the updates means that users are likely to follow the instructions to install them.  

Researchers note that the names of the update names like "updateMacOs" and "updateSystem" are relatively generic, which is something that could potentially arouse suspicion. 

tags: malware attack sysjoker 39 s systems ndash


Your Comment :