Malware believed to have been created by Chinese hackers.
Security researchers have found a new strain of Linux malware that appears to have been created by Chinese hackers and has been used as a means to remotely control infected systems.
Named HiddenWasp, this malware is composed of a user-mode rootkit, a trojan, and an initial deployment script.
The malware has a similar structure to another recently-discovered Linux malware strain --
the Linux version of Winnti, a famous hacking tool used by Chinese state hackers.
Copy-paste job? Chinese origin?
In a technical report published today, Nacho Sanmillan, a security researcher at Intezer Labs, highlights several connections and similarities that HiddenWasp shares with other Linux malware families, suggesting that some of HiddenWasp code might have been borrowed.
... ...