19 September 2022  —  Eric Swotinsky
Incident reports

Linux variant of SideWalk backdoor discovered

The backdoor known as SideWalk, or StageClient, has been observed in various attacks over the last year, mainly against academic targets in East and Southeast Asia. These attacks were mainly against Windows systems, but a new variant targeting Linux systems has been discovered with similar functionality.

The APT group behind this piece of malware has been named SparklingGoblin or Earth Baku. Their latest SideWalk variant was aimed at a university in Hong Kong.

This is yet another example of a threat group expanding their targets beyond Windows-based systems. We've previously discussed a notable rise in Linux malware over the last couple of years.

Acronis Cyber Protect Cloud is compatible with Windows, macOS and Linux systems, and detects and blocks even the latest malware threats like SideWalk before they can damage systems and data.