Actor(s): Gamaredon Group
According to Infosec Institute, EvilGnome presents itself to unwitting Linux users as a legitimate GNOME extension. Legitimate extensions help to extend Linux functionality, but instead of a healthy boost in system functionality, EvilGnome begins spying on users with an array of functionalities uncommon for most Linux malware types.
|2021-11-04 ⋅ Security Service of Ukraine ⋅ |
Gamaredon / Armageddon Group: FSB RF Cyber attacks against Ukraine
EvilGnome Pteranodon RMS
|2020-06-16 ⋅ Intezer ⋅ |
ELF Malware Analysis 101: Linux Threats No Longer an Afterthought
Cloud Snooper Dacls EvilGnome HiddenWasp MESSAGETAP NOTROBIN QNAPCrypt Winnti
|2019-07-17 ⋅ Intezer ⋅ |
EvilGnome: Rare Malware Spying on Linux Desktop Users
There is no Yara-Signature yet.