A new variant of a data wiping malware called AcidRain has been detected in the wild that’s specifically designed for targeting Linux x86 devices.
The malware, dubbed AcidPour, is compiled for Linux x86 devices, SentinelOne’s Juan Andres Guerrero-Saade said in a series of posts on X.
“The new variant […] is an ELF binary compiled for x86 (not MIPS) and while it refers to similar devices/strings, it’s a largely different codebase,” Guerrero-Saade noted.
The cyber attack was subsequently attributed to Russia by the Five Eyes nations, along with Ukraine and the European Union.
AcidPour, as the new variant is called, is designed to erase content from RAID arrays and Unsorted Block Image (UBI) file systems through the addition of file paths like “/dev/dm-XX” and “/dev/ubiXX,” respectively.
The discovery once again underscores the use of wiper malware to cripple targets, even as threat actors are diversifying their attack methods for maximum impact.
Source: https://thehackernews.com/
