A new variant of a info wiping malware identified as AcidRain has been detected in the wild that is especially built for concentrating on Linux x86 equipment.
The malware, dubbed AcidPour, is compiled for Linux x86 units, SentinelOne’s Juan Andres Guerrero-Saade reported in a series of posts on X.
“The new variant […] is an ELF binary compiled for x86 (not MIPS) and even though it refers to comparable gadgets/strings, it can be a mostly various codebase,” Guerrero-Saade noted.
Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
AcidRain first arrived to gentle in the early days of the Russo-Ukrainian war, with the malware deployed towards KA-SAT modems from U.S. satellite business Viasat.
An ELF binary compiled for MIPS architectures is capable of wiping the filesystem and distinctive recognized storage unit documents by recursively iterating above popular directories for most Linux distributions.
The cyber attack was subsequently attributed to Russia by the Five Eyes nations, together with Ukraine and the European Union.
AcidPour, as the new variant is named, is designed to erase content material from RAID arrays and Unsorted Block Impression (UBI) file techniques through the addition of file paths like “/dev/dm-XX” and “/dev/ubiXX,” respectively.
It truly is presently not crystal clear who the supposed victims are, despite the fact that SentinelOne stated it notified Ukrainian businesses. The correct scale of the attacks is presently unknown.
The discovery as soon as once more underscores the use of wiper malware to cripple targets, even as risk actors are diversifying their attack procedures for greatest effects.
Found this post interesting? Comply with us on Twitter and LinkedIn to browse far more distinctive content we post.
Some areas of this posting are sourced from:
thehackernews.com
New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT