ClipXDaemon Malware, a Stealthy Cryptocurrency Clipboard Hijacker on Linux Researchers identified ClipXDaemon, a Linux clipboard hijacker that targets cryptocurrency users by monitoring X11 clipboards and replacing copied wallet addresses with attacker-controlled ones to redirect funds. The loader resembles ShadowHS samples due to use of the open-source bincrypter framework, but ClipXDaemon operates C2-less, persists via ~/.profile, and uses process masquerading and...

ClipXDaemon malware targets Linux users by hijacking X11 clipboards, swapping crypto wallet addresses with attacker-controlled ones. It uses process masquerading, operates C2-less, and persists via ~/.profile. #ClipHijacker #LinuxThreat

2/3
Plague uses layered obfuscation, static passwords, anti-debugging, and runtime scrubbing—like unsetting SSH vars and nulling history logs—to remain invisible. It survives system updates and defeats conventional security tools. #CyberSecurity #LinuxThreat

Alert for Arch Linux users!

Fake Firefox AUR packages installed a RAT via GitHub, creating encrypted reverse shells on port 443. 🐀

Check your system for rat-agent.service & remove infected packages.

🔗 cybersecuritynews.com/malicious-au...

#CyberSecurity #LinuxThreat #PaxionCyber

Sedexp Malware: The Stealthy Linux Threat Evading Detection Discover how sedexp, a stealthy Linux malware, uses udev rules to gain remote access. Protect your systems from this advanced threat.

Sedexp Malware: The Stealthy Linux Threat Evading Detection
tuxcare.com/blog/sedexp-...
#Infosec #Security #Cybersecurity #CeptBiro #SedexpMalware #LinuxThreat #EvadingDetection