VoidLink can target machines within popular cloud services by detecting if an infected machine is hosted inside AWS, GCP, Azure, Alibaba, and Tencent, and there are indications that developers plan to add detections for Huawei, DigitalOcean, and Vultr in future releases.
That makes sense. The cloud runs Linux. Even Microsoft runs Linux in the cloud. With more high value assets moving to the cloud, and usually to Linux, the attackers are going to follow.
How interesting! It targets cloud services.
That makes sense. The cloud runs Linux. Even Microsoft runs Linux in the cloud. With more high value assets moving to the cloud, and usually to Linux, the attackers are going to follow.