Fresh backdoor Trojan SpeakUp detected spreading far and wide

SpeakUp, one newly created backdoor Trojan, is being distributed through certain malware campaign, it is reported. The Trojan infects servers operating 6 separate Linux distributions as well as macOS via the exploitation of several known security flaws. It has another capability that is it successfully circumvents any kind of anti-malware during its infection process.

As typical of it, a backdoor Trojan is malicious software that first enables attackers gain admission into compromised computers. Subsequently, it gives those attackers hold over the infected PCs through instructions its command-and-control infrastructure issues. In the latest surge of assaults, the attackers have been working with an exploit related to a framework called ThinkPHP for contaminating servers with SpeakUp.

SpeakUp reportedly targets servers mostly within Latin America and Asia. It particularly infects Mac systems and Amazon Web Services hosted devices. The much popular VirusTotal so far hasn't made any detections of SpeakUp which allows the malware to conveniently bypass all anti-virus programs. The Trojan has been observed propagating
a crypto-miner called XMRig onto a China located device and its report has reached VirusTotal dated 9th January, 2019.

Security investigators from Check Point after detecting the new backdoor reported another feature of the Trojan viz. it has certain Python script built inside which it employs for lateral proliferation across local networks. They caution a greater threat is anticipated from the propagation technique and obfuscated payloads of the malware. For, it's difficult accepting that SpeakUp's creator would develop the said series of payloads merely for installing a handful of miners. So the current campaign's perpetrator may well anytime install further payloads which would be more aggressive and invasive. www.infosecurity-magazine.com posted this, February 5, 2019.

Check Point researchers link the creator of SpeakUp with one other malware creator namely Zettabit; however, this identification of the perpetrator isn't still confirmed.

In the meantime, it is evident that SpeakUp campaign's perpetrator presently contaminating macOS and Linux systems globally may utilize the Trojan installed onto target systems for thrusting additional payloads apart from the XMRig crypto miner that's likely to make the malware increasingly perilous as well as plausibly more intrusive.

» SPAMfighter News - 2/7/2019