A previously undocumented command-and-control (C2) framework, Alchemist, is likely being used to target Windows, MacOS, and Linux systems in the wild.
Alchimist C2 can generate a configured payload, establish remote sessions, deploy payload to the remote machines, take screenshots, perform remote shellcode execution, and execute arbitrary commands, according to a report shared by Cisco Talos. It also has a web interface written in simplified Chinese.
Additionally, the Alchimist C2 panel has the ability to create first-stage payloads, such as PowerShell and get code snippets for Windows and Linux, which could enable an attacker to strengthen their infection chains and disseminate the Insekt RAT binary.
Read More: New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
