ChamelGang Expands Capabilities with New Linux Malware
The notorious threat actor ChamelGang has been discovered using new malware to backdoor Linux systems. Cybersecurity researchers from Stairwell observed this expansion of the group’s capabilities.
The newly discovered malware is called ChamelDoH and is a C++-based tool for communicating via DNS-over-HTTPS (DoH) tunneling. This method of communication makes it harder to detect and block the malware’s traffic.
ChamelGang was first identified by Positive Technologies, a Russian cybersecurity firm, in September of 2021. Since then, the group has been linked to various cyber attacks, including supply chain attacks and crypto mining campaigns. The discovery of ChamelDoH marks a new expansion of the group’s capabilities.
The discovery of ChamelGang’s new malware, ChamelDoH, has highlighted the group’s expansion of capabilities to backdoor Linux systems. Communicating via DNS-over-HTTPS makes the malware’s traffic harder to detect and block. ChamelGang has been linked to various cyber attacks, including supply chain attacks and crypto mining campaigns, and continues to be a threat to cybersecurity.
Original Article: https://thehackernews.com/2023/06/chameldoh-new-linux-backdoor-utilizing.html