Experts at Intezer discovered a new piece of Linux malware dubbed EvilGnome. The researchers attribute the spyware to the Russia-linked and Gamaredon Group. The malware allows attackers to take screenshots, steal files, capture audio recordings from the microphone, and download and execute other payloads. The attack starts with spear-phishing emails containing weaponized attachments, the malware is distributed via Russian hosting providers. The malicious code includes an unfinished keylogger, some comments, symbol names and compilation metadata, a circumstance that suggests authors are still working on it.”]
Source: https://securityaffairs.co/wordpress/88551/malware/evilgnome-linux-spyware.html