A new threat called HiddenWasp is focused solely on achieving targeted remote control of infected hosts. Malware generally consists of three parts: A script responsible for downloading the malware onto a clean machine. A rootkit that appeared to use code borrowed from Mirai to hook into several functions. A Trojan containing apparent code connections to the Elknot implant that worked with the rootkit to remain operational. Using this mutually beneficial relationship, the Trojan searches for Linux systems in the targeted network for the purpose of achieving remote control.”]