SEKOIA cybersecurity researchers recently uncovered a Trojan horse version of MiMi, an application that is primarily focused on the Chinese market but is also cross-platform. The Trojan horse version of MiMi introduces a new backdoor known as shell, which is capable of stealing data on the following platforms: Linux and macOS. Version 2.3.0 of the application was found to be backdoored on macOS for about four months. This was revealed when the team scanned the C2 infrastructure for HyperBro malware and noticed irregular links to this application.
The backdoor is also equipped with a download command that can tell it to download files to the server on which the backdoor is installed. For now, SEKOIA has no way to determine whether this application was repurposed as a spyware application to collect data.