New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus

Cybersecurity researchers have flagged a new malware campaign that infects Windows systems with a Linux virtual instance containing a backdoor capable of establishing remote access to the compromised hosts.

The "intriguing" campaign, codenamed CRON#TRAP, starts with a malicious Windows shortcut (LNK) file likely distributed in the form of a ZIP archive via a phishing email.

"What makes the CRON#TRAP campaign particularly concerning is that the emulated Linux instance comes pre-configured with a backdoor that automatically connects to an attacker-controlled command-and-control (C2) server," Securonix researchers Den Iuzvyk and Tim Peck said in an analysis.

See more: https://thehackernews.com/2024/11/new-crontrap-malware-infects-windows-by.html

#cybersecurity #malware