The Gnome extension on Linux is carrying a malware in disguise. The ones who made the find were the people working at Intezer. They have even linked the malicious code as spyware created by Russian coders named Gamaredon. Most of the modules used by the malicious code in Evil-Gnomeis tied to Windows utilities such as the use of SFX, task scheduler and data trackers. Since the code seems to target mostly desktops, the extension of the attack has not been wide because Linux is not widely used on PCs. The developers of Intezer have stated that the spyware is an entirely new form of code that has never been used before.
The attack group is not one to rear its head frequently. We have reports of their existence dating back to 2013. Most of the information available about them was released by
Crypto miners are not something new. They have been around almost since the beginning of cryptocurrencies back in 2009. Skidmap, however, is a brand new piece of code that was detected by the team of researchers of Trend Micro. The malicious code has been created to target Linux machines specifically while using kernel rootkits to work undetected. The way it’s been coded is to outperform most of the popular miners out there since it can really evade detection. The miner even manages to set up a master password for the attacker to be used to access any system remotely.