A new backdoor has proven capable of infecting devices running many popular operating systems, including Linux, Windows and macOS.
Intezer reported the backdoor, ‘SysJoker’, on January 11. It was initially found attacking Linux; afterwards, variants of the backdoor were found on other OSes as well.
The backdoor is unusual because it can infiltrate multiple platforms. Malware typically targets a particular vulnerability in one platform rather than attacking multiple OSes at the same time.
The technical analysis of SysJoker showed that the attack may have been initiated in the second half of 2021. The code is believed to be present in both arm64 and Intel builds, which means it can affect older Macs and Apple Silicon computers.
A copy attaches itself to macOS devices via a Library update, and afterward the malware downloads a file from the user’s Google Drive account and runs an executable, among other actions. Now that researchers have recognized the backdoor, antivirus engines are picking it up.