Alloy Taurus APT Spotted Using PingPull and a New Backdoor to Target Linux Users

28 April 2023
Unit 42 discovered a new version of the PingPull malware, designed by Alloy Taurus (aka Gallium) to cripple Linux systems. The sample is an ELF file that only 3 out of 62 antivirus vendors flagged as malicious. During the investigation, the threat actor's infrastructure also revealed evidence of another backdoor used in the attack, known as Sword2033.