A Vulnerability Discovered in Windows, macOS, and Linux

A cybersecurity company has identified a never-before-seen piece of malware written for devices running the Windows, macOS and Linux operating systems. The software, which masqueraded as a system update, was a threat to many users.

Malware targeting multiple operating systems has become quite common lately. In December 2021, a cybersecurity company discovered new malware that poses a threat to Windows, Mac, and Linux.

A group of researchers from software security firm Intezer discovered the malware on an educational institution’s Linux-based web server. The researchers announced the discovery of the backdoor, which they called SysJoker, and provided information about it.

May lead to espionage and ransomware attacks

SysJoker was first discovered during an attack on an educational institution’s Linux-based web server, and further research turned up Mac and Windows versions as well. This software, which masqueraded as a system update, was a serious threat to users.

The malware derived its control server domain by decoding a string retrieved from a text file hosted on Google Drive. SysJoker, written in the C++ programming language, was not detected on VirusTotal, the malware search engine, in its Linux, Windows, or macOS versions. During the researchers’ analysis, the server changed three times, indicating that the attacker was active and monitoring infected devices.

The discovery of this malware was significant for two reasons. First, it is built with a hybrid structure rather than for one specific operating system like other malware, so it threatens all platforms. Second, it was written from scratch and used four separate command and control servers. This showed that the people who developed and used it invested significant resources.

Researchers stated that, based on their monitoring of the targeted organizations and the malware, SysJoker could lead to espionage and ransomware attacks.
