VoidLink includes an unusually broad and advanced array of capabilities.
But… Is the malware open source?
How interesting! It targets cloud services.
VoidLink can target machines within popular cloud services by detecting if an infected machine is hosted inside AWS, GCP, Azure, Alibaba, and Tencent, and there are indications that developers plan to add detections for Huawei, DigitalOcean, and Vultr in future releases.
That makes sense. The cloud runs Linux. Even Microsoft runs Linux in the cloud. With more high value assets moving to the cloud, and usually to Linux, the attackers are going to follow.
A corollary suggests itself: You lose obscurity, you lose security.
On the other hand, Kerckhoffs’s principle. For example, SSH is not obscure, and it’s considered safer than alternatives.
Oh shit, it fucked up my SuperTuxKart.



