EvilGnome: A New Backdoor Implant Spies On Linux Desktop Users [thehackernews]

Security researchers have discovered a rare piece of Linux spyware that’s currently fully undetected across all major antivirus security software products, and includes rarely seen functionalities with regards to most Linux malware, The Hacker News learned.

It’s a known fact that there are a very few strains of Linux malware exist in the wild as compared to Windows viruses because of its core architecture and also due to its low market share, and also many of them don’t even have a wide range of functionalities.

In recent years, even after the disclosure of severe critical vulnerabilities in various flavors of Linux operating systems and software, cybercriminals failed to leverage most of them in their attacks.

Instead, a large number of malware targeting Linux ecosystem is primarily focused on cryptocurrency mining attacks for financial gain and creating DDoS botnets by hijacking vulnerable servers.

However, researchers at security firm Intezer Labs recently discovered a new Linux backdoor implant that appears to be under development and testing phase but already includes several malicious modules to spy on Linux desktop users.

EvilGnome: New Linux Spyware

Dubbed EvilGnome, the malware has been designed to take desktop screenshots, steal files, capture audio recording from the user’s microphone as well as download and execute further second-stage malicious modules.

According to a new report Intezer Labs shared with The Hacker News prior to its release, the sample of EvilGnome it discovered on VirusTotal also contains an unfinished keylogger functionality, which indicates that it was uploaded online mistakenly by its developer.

For more, click here.

Share