Researchers Unveil New Linux Malware Linked to Chinese Hackers


Cybersecurity researchers on Wednesday shed light on a new sophisticated backdoor targeting Linux endpoints and servers that’s believed to be the work of Chinese nation-state actors.

Dubbed “RedXOR” by Intezer, the backdoor masquerades as a polkit daemon and shares similarities with malware previously associated with the Winnti Umbrella (or Axiom) threat group, such as PWNLNX, XOR.DDOS and Groundhog.
