Cybersecurity researchers have uncovered VoidLink, a sophisticated malware framework targeting Linux-based cloud environments for long-term stealthy access. The malware's modular and adaptive design, linked to Chinese threat actors, demonstrates a focus on cloud services like AWS, Azure, and Google Cloud.
Key points
- VoidLink is a feature-rich, modular malware framework designed for persistent access to Linux cloud systems.
- It utilizes a highly flexible plugin architecture inspired by Cobalt Strike's BOF, with over 30 default modules.
- The framework can detect cloud environments, adapt behavior, and collect credentials from cloud and source control systems.
- It incorporates advanced rootkit-like hiding techniques, in-memory plugins, and multiple C2 communication channels.
- VoidLink includes a web dashboard for remote control and supports a builder panel to create customized versions.
Read More: https://thehackernews.com/2026/01/new-advanced-linux-voidlink-malware.html