Cross-platform exploit targets Linux, Windows and macOS

New "SysJoker" cross-platform exploit now can infect machines with different OSes.

Interestingly, this exploit uses Universal Binary allowing it to run on Intel and Apple Silicon Macs. Code is signed with ad-hoc certificate. New certificates could be used in the future.

The files and directories created by SysJoker include:

The persistence code is under the path LibraryLaunchAgents/ If the files are found on a Mac, it is advised to kill off all related processes and delete the files.


Reference: macOS, Windows, Linux all targeted by new cross-platform exploit