We may not be sure if Wiarton Willie is right about spring, but we do know that the SonicWall 0-day reported recently is being actively exploited.
New Linux malware steals SSH credentials from supercomputers (Bleeping Computer)
Well, that doesn’t look good. And it isn’t. Backdoor malware, dubbed “Kobalos” by the ESET researchers who found it, has been targeting supercomputers globally in academic and research sectors to steal their creds for secure network connections. The malware is small but complex and highly obfuscated. Hmmm, I wonder who it could be? 🧐
Agent Tesla malware is new & improved, with enhanced obfuscation and evasive capabilities. Extra-crunchy goodness here, using Tor and Telegram chat for data exfil. The updated trojan actually goes after the software used to protect our devices, the Windows anti-malware software interface AMSI, and overwrites it so that it won’t notice all the nasty downloads to come. It also has a lot more selection for credential harvesting. I’d say Agent Tesla is definitely one to watch in 2021.