News Hub

New backdoor attacking Windows, Linus and Mac systems.

Written by Fri 21 Jan 2022

Originally identified by cybersecurity firm Intezer late last year, malware threat SysJoker is now a rising challenge for companies of all sizes. By creating backdoors on several leading operating systems, namely Windows, Linus and Mac, SysJoker is able to give cyber criminals comprehensive access to compromised networks.

Masquerading as a system update for Linux and Mac systems, with Windows users seeing the malware as Intel drivers, the malware has been in use from July of 2021. Further analysis of SysJoker shows that whoever is behind these cyber attacks is actively monitoring the compromised systems they has already breached.

Initial indications show that SysJoker is likely to have originated from an advanced cyber criminal group due to the fact that code was written from scratch and unique code has been written for multiple different operating systems.

“Based on the malware’s capabilities we assess that the goal of the attack is espionage together with lateral movement which might also lead to a ransomware attack as one of the next stages,” explains Intezer researchers in a recent blog post. As current evidence from Intezer finds that this threat doesn’t contain a second stage or command sent from the attacker, this “suggests. that the attack is specific which usually fits for an advanced actor.”

Thankfully, Intezer do not believe SysJoker to be a widespread threat but expect it was used to target specific victims. Depending on the operating system, Intezer have offered advice on how to reduce the chance of leaving this threat on your system. From scanning memory to uncover suspicious payload to monitoring networks for unusual activity, there are a number of ways IT teams can ensure they are not harbouring malware on their networks.

Written by Fri 21 Jan 2022

Sponsored by


backdoor linus mac SysJoker Windows
Send us a correction Send us a news tip