SparklingGoblin Revamps SideWalk Backdoor for Linux Variant
Threat Level
Attack Report
Summary
SparklingGoblin (aka Earth Baku), a group of state-backed Chinese hackers, has integrated a Linux variant of the SideWalk backdoor. SparklingGoblin threat actors typically target East and Southeast Asian countries, with a special emphasis on the educational sector, employing Motnug and ChaCha20-based loaders, the CROSSWALK and SideWalk backdoors, as well as Korplug (aka PlugX) and Cobalt Strike.