This is a very interesting article about how a phishing attack can deliver a Linux backdoor to your machine running, say, Windows.
The campaign is called con trap (con#trap), and it's pretty clever, if I do say so myself.
For screen reader users, there’s a number sign between the words which I found when reviewing the spelling of this for this blog.
While using virtual machines to perform attacks isn't new, attackers typically install them by hand after taking control of the system.
Through a phishing email, they can deliver a file which you would run to get things done. Clever, right?
The file delivered is supposed to install a backdoored copy of Linux, which gets the actor in.
The article goes on to talk about a legitimate program called QEMU and how it is being abused to do the actor's dirty work.
Read the entire blog article, "Windows infected with backdoored Linux VMs in new phishing attacks," for complete details.
This … is going to get very interesting.