- Unit 42 researchers found a new variant of cryptojacking malware named Black-T, the brainchild of the TeamTNT cybercrime group, which boosts the group's capabilities against Linux systems.
- The added capabilities include memory password scraping via mimipy (works on Windows/Linux/OSX) and mimipenguin (Linux desktop), two open-source Mimikatz equivalents targeting *NIX desktops.
IPStorm prepares for thunders
- In a recent development, experts at Intezer revealed that IPStorm now has newer versions targeting Android, Linux, and Mac devices.
- Linux and Mac devices are infected after the gang performs a brute-force attack against SSH services.
- Android systems, however, are infected when the malware scans the internet for devices that have left their ADB (Android Debug Bridge) port exposed online.
FinSpy’s malware spin
- FinSpy, also known as FinFisher, used new variants that target macOS and Linux users. The spyware already had tools for Windows, iOS, and Android users.
- Besides keylogging, call interception, and screen recording, the malware's additional capabilities included stealing emails by installing a malicious add-on to Apple Mail and Thunderbird and collecting Wi-Fi network information.