Security researchers at Intezer have discovered a previously undocumented Linux backdoor dubbed RedXOR. The new malware is believed to be a new malicious tool added to China’s Winnti umbrella threat group’s arsenal. The backdoor comes with a large set of capabilities, including executing commands with system privileges, managing files on infected Linux boxes, hiding its process using the Adore-ng open-source rootkit, proxying malicious traffic, remote updating, and more. Researchers also found multiple connections between the backdoor and multiple malware strains linked to Chinese hackers, including PWNLNX, Groundhog and XOR.
Source: https://www.bleepingcomputer.com/news/security/chinese-state-hackers-target-linux-systems-with-new-malware/