SysJoker Backdoor Infects Windows, Mac, and Linux Systems

More and more cybercrime organizations are turning towards multi-platform malware. This means that they are developing threats that infiltrate not just the most popular operating system, Windows, but also Mac and Linux systems. One of the latest malware families to adopt this modus operandi is the SysJoker Backdoor and, unfortunately, it could turn out to be one of the most dangerous threats of January.

Of course, high-profile malware like this is typically not used on a mass scale. Instead, its operators aim to infiltrate a selected set of networks that would grant them access to sensitive information. This means that threats like the SysJoker Backdoor are unlikely to reach regular users – instead, they will be used in highly targeted attacks.

SysJoker Backdoor Compatible With All Popular Operating Systems

Currently, there are not many reports of SysJoker Backdoor attacks, but this is likely because the implant was identified only recently. The goal of its operators is to take control of the infected system and then execute remote commands to plant more malware or to exfiltrate files and other data.

Security experts suspect that SysJoker Backdoor's infection vector might be the use of compromised npm (Node Package Manager) packages. These are pre-made pieces of code that developers can fetch from a central repository and use in their software. However, if they unknowingly use a malicious npm package, they could potentially expose all their users to malware. Although SysJoker Backdoor's functionality appears to be pretty limited, this is not necessarily a problem for its creators.

The lack of many features means that the malware leaves a minimal footprint on infected devices, making it less likely to be spotted. The best way to ensure that your systems and networks are protected against such attacks is to use reputable antivirus software and other security packages at all times.

January 12, 2022