A new variant of a info wiping malware identified as AcidRain has been detected in the wild that is especially built for concentrating on Linux x86 equipment.
The malware, dubbed AcidPour, is compiled for Linux x86 units, SentinelOne’s Juan Andres Guerrero-Saade reported in a series of posts on X.
“The new variant […] is an ELF binary compiled for x86 (not MIPS) and even though it refers to comparable gadgets/strings, it can be a mostly various codebase,” Guerrero-Saade noted.

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
AcidRain first arrived to gentle in the early days of the Russo-Ukrainian war, with the malware deployed towards KA-SAT modems from U.S. satellite business Viasat.
An ELF binary compiled for MIPS architectures is capable of wiping the filesystem and distinctive recognized storage unit documents by recursively iterating above popular directories for most Linux distributions.
The cyber attack was subsequently attributed to Russia by the Five Eyes nations, together with Ukraine and the European Union.
AcidPour, as the new variant is named, is designed to erase content material from RAID arrays and Unsorted Block Impression (UBI) file techniques through the addition of file paths like “/dev/dm-XX” and “/dev/ubiXX,” respectively.
It truly is presently not crystal clear who the supposed victims are, despite the fact that SentinelOne stated it notified Ukrainian businesses. The correct scale of the attacks is presently unknown.
The discovery as soon as once more underscores the use of wiper malware to cripple targets, even as risk actors are diversifying their attack procedures for greatest effects.
Found this post interesting? Comply with us on Twitter and LinkedIn to browse far more distinctive content we post.
Some areas of this posting are sourced from:
thehackernews.com