It has been affecting systems for months, but it has gone completely unnoticed. Last December, security researchers at Intezer picked up a backdoor called the “SysJoker”.
In fact, this malicious code is completely new and was written from the beginning for three major operating systems (Windows, macOS and Linux). This requires minimal algorithms and technical knowledge. Cannot be allocated at this time. So it is unknown at this time what he will do after leaving the post.
The performance of this malicious code is terrible. At the time of discovery on the Linux web server “A Leading Educational Institution”, Which is not detected by any antivirus machines at all.
To deceive the user, it looked like a malware system update, but we do not know how it was able to affect its target. One of the researchers’ hypotheses was that it was buried in “npm” software, the cross-platform package manager.
Also watch the video:
Once installed, the malware uploads a text file to Google Drive, which – in encrypted form – finds the domains of its command and control servers.
The latter can send two main steps: Download and install the other malicious code “exe” and execute the command “cmd”.
Unfortunately, so far no regulation has been observed. This backdoor is often used for internet spying. Researchers estimate that the first infections occurred in the second half of 2021. Overall, this surgery is still a mystery.
Professional bacon fanatic. Explorer. Avid pop culture expert. Introvert. Amateur web evangelist.