A new variant of a data wiping malware called AcidRain has been detected in the wild that's specifically designed for targeting Linux x86 devices.
The malware, dubbed AcidPour, is compiled for Linux x86 devices, SentinelOne's Juan Andres Guerrero-Saade said in a series of posts on X.
“The new variant […] is an ELF binary compiled for x86 (not MIPS) and though it refers to equivalent devices/strings, it is a mostly unique codebase,” Guerrero-Saade said.
AcidRain first came to light in the early days of the Russo-Ukrainian war, with the malware deployed against KA-SAT modems from U.S. satellite company Viasat.
An ELF binary compiled for MIPS architectures, AcidRain is capable of wiping the filesystem and various known storage device files by recursively iterating over common directories for most Linux distributions.
The cyber attack was subsequently attributed to Russia by the Five Eyes nations, along with Ukraine and the European Union.
AcidPour, as the new variant is called, is designed to erase content from RAID arrays and Unsorted Block Image (UBI) file systems through the addition of file paths like “/dev/dm-XX” and “/dev/ubiXX,” respectively.
It is currently not clear who the intended victims are, although SentinelOne said it notified Ukrainian businesses. The exact scale of the attacks is presently unknown.
The discovery once again underscores the use of wiper malware to cripple targets, even as threat actors are diversifying their attack methods for maximum impact.
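For defenders, the “/dev/dm-XX” and “/dev/ubiXX” paths mentioned above suggest a host-level heuristic: flag any process that opens several device-mapper or UBI nodes for writing within a short span. The Python below is an added example, not code from SentinelOne or the original article; the JSON event schema, the thresholds and the sample events are assumptions constructed for illustration.

```python
import json
import re
from collections import defaultdict

# Device-node patterns taken from the paths named in the article
# ("/dev/dm-XX" and "/dev/ubiXX"); XX is assumed to be a decimal index.
DEVICE_RE = re.compile(r"^/dev/(dm-\d+|ubi\d+)$")

# Constructed sample events in a hypothetical JSON-lines schema
# (ts = seconds, pid, exe, path, flags); not real telemetry.
SAMPLE_EVENTS = """\
{"ts": 100, "pid": 812, "exe": "/usr/sbin/lvm", "path": "/dev/dm-0", "flags": "O_RDONLY"}
{"ts": 101, "pid": 4471, "exe": "/tmp/upd", "path": "/dev/dm-0", "flags": "O_RDWR"}
{"ts": 101, "pid": 4471, "exe": "/tmp/upd", "path": "/dev/dm-1", "flags": "O_RDWR"}
{"ts": 102, "pid": 4471, "exe": "/tmp/upd", "path": "/dev/ubi0", "flags": "O_WRONLY"}
{"ts": 103, "pid": 4471, "exe": "/tmp/upd", "path": "/etc/hosts", "flags": "O_RDONLY"}
{"ts": 500, "pid": 990, "exe": "/usr/sbin/mkfs.ext4", "path": "/dev/dm-2", "flags": "O_RDWR"}
"""

def find_bulk_device_writers(lines, min_devices=3, window=30):
    """Return alerts for processes that open >= min_devices distinct
    dm/ubi nodes for writing within `window` seconds."""
    opens = defaultdict(list)  # (pid, exe) -> [(ts, path)]
    for line in lines:
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank or malformed records instead of aborting
        flags = ev.get("flags", "")
        writable = "O_WRONLY" in flags or "O_RDWR" in flags
        if writable and DEVICE_RE.match(ev.get("path", "")):
            opens[(ev["pid"], ev["exe"])].append((ev["ts"], ev["path"]))

    alerts = []
    for (pid, exe), hits in opens.items():
        hits.sort()
        # Start a window at each hit and count the distinct devices inside it.
        for start_ts, _ in hits:
            devs = {p for t, p in hits if start_ts <= t <= start_ts + window}
            if len(devs) >= min_devices:
                alerts.append({"pid": pid, "exe": exe, "devices": sorted(devs)})
                break
    return alerts

if __name__ == "__main__":
    for alert in find_bulk_device_writers(SAMPLE_EVENTS.splitlines()):
        print(alert)
```

Legitimate storage tooling also writes to these nodes, so the distinct-device threshold and time window need tuning against a baseline of normal administrative activity.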
Some parts of this article are sourced from:
thehackernews.com