Researchers say the new RedXOR backdoor is targeting Linux systems with various data exfiltration and network traffic tunneling capabilities. The malware has various malicious capabilities, said researchers from exfiltrating data to tunneling network traffic to another destination. The Winnti threat group (a.k.a. APT41, a.p41, Barium, Wicked Panda or Wicked Spider) is known for nation-state-backed cyber-espionage activity as well as financial cybercrime. Researchers say it is likely that at least two entities have discovered the malware in their environment.
Source: https://threatpost.com/linux-systems-redxor-malware/164689/