Joker malware arrives on Mac and Linux: now SysJoker is the new threat

A new piece of malware recently discovered by the cybersecurity company Intezer is called SysJoker, and it affects Windows, macOS and Linux. More precisely, it is a backdoor, and therefore a potential spying tool for whoever controls it. It was first identified in December, so at the moment we do not know which antivirus products can detect and remove it.

This new malware, already present in other countries and only now in ours, is very dangerous even if it does not appear –

SysJoker was discovered while it was actively in use: it was identified during an attack on a Linux-based web server. The platform was only able to identify it for Windows, not Mac or Linux. Sensitive personal data is believed to be at risk.

How SysJoker works

But how does this new threat work? SysJoker is a backdoor, so it operates silently. It does not carry out attacks with an immediate, tangible impact, but breaches the system quietly. In practice, it works very differently from ransomware. Once SysJoker has entered the system, it is very easy for all defenses to fail.


The good news, however, is that the new malware cannot be launched remotely; it must be actively downloaded and installed by the user. It disguises itself as a software update to mislead the victim. An attentive user can therefore notice it promptly and activate the various defenses to protect themselves.

The main risk is that this malware steals potentially very sensitive personal data, such as bank credentials and credit card details, without us even realizing it. Although it was identified in December, it is not yet clear which antivirus can detect it. Intezer provides a series of checks that you can run to see whether your device is infected, but these are still generic and complex procedures.

How malware is made

The creator of SysJoker is certainly a very good computer scientist. Indeed, the virus was written from scratch, without reusing code from other malware. This allows it to run on three different operating systems, using some vulnerabilities found especially on Linux.

The malware is written in C++ and includes variants that activate depending on which operating system it is targeting. Also, when it acts on the operating system, it leaves no traces of the commands sent by the server during the attack phase or after infiltration has begun. In short, this malware acts on systems like a ghost!


At the moment, at least 4 different domains have been registered for the C&C server, although the attack was very cautious and reasoned. Not much else could be detected. Certainly, within a few weeks we will learn more about this threat and how to identify and neutralize it immediately.
