Hackers Spotted Using PingPull Linux Variant in Cyberattacks
Cyberattacks have become more sophisticated in recent years, with hackers employing a wide range of tools and strategies to gain access to critical information. Malware is one of the most efficient of these tactics, and a new variant of the PingPull malware has been uncovered that is being used in targeted attacks by Chinese hackers.
PingPull malware has been around for a few years and is mostly used to steal data from affected systems. The software is meant to run in the background of a computer and collect data such as usernames, passwords, and other sensitive information. The latest version of PingPull is intended to run on Linux systems, as opposed to prior versions, which were intended to run on Windows systems.
The latest PingPull variant was found by cybersecurity researchers at Qihoo 360’s Netlab. According to the researchers, the malware was used in targeted attacks against organisations in Southeast Asia, notably Myanmar, Vietnam, and the Philippines. The hackers behind these attacks are thought to be members of the Chinese APT group APT27, also known as Emissary Panda.
The malware is being distributed through phishing emails carrying a malicious attachment that, when opened, installs the malware on the victim’s PC. Once installed, it collects data from the infected system and sends it back to the attacker’s command-and-control server.
Because Linux systems are frequently used in critical infrastructure and other sensitive environments, the Linux variant of PingPull is especially concerning. Many cybersecurity professionals use Linux, and the fact that the malware is built to execute on this platform shows that the attackers are actively targeting them.
Organizations must pay close attention to email security to protect themselves against this type of attack. Employees should be trained to recognize phishing emails and should never open attachments or click on links from unknown senders. Keeping software and operating systems up to date is also critical to ensure that known vulnerabilities are patched.
The discovery of a Linux variant of the PingPull malware is a worrying development in the world of cybercrime. Organizations must remain cautious and take precautions against this type of attack. They can reduce their exposure by implementing strong security measures and staying up to date on the latest threats.
Author: Jasmine Sahoo