News/Tech News

Cyber campaign by SparklingGoblin updates Linux version of SideWalk backdoor

Published on Sep 17, 2022

Using advanced Linux malware, researchers link the APT to an attack on a Hong Kong university.

New Linux versions of the SideWalk backdoor have been deployed against Hong Kong universities in persistent attacks that compromise multiple servers.

SparklingGoblin is an advanced persistent threat (APT) group that targets organizations mostly in East and Southeast Asia, concentrating on the academic sector, ESET researchers said in a blog post published Sept. 14.

APT has also been linked to attacks on a variety of organizations and vertical industries around the world, as well as using the SideWalk and Crosswalk backdoors in its malware arsenal.

The attack on the Hong Kong university is actually the second time SparklingGoblin has targeted this institution; the first attack was in May 2020 during student protests, which ESET researchers discovered in February 2021 that the Linux version of SideWalk had been installed on the university’s network without identifying it as such.

The latest attack appears to be part of a continuous campaign that may have begun with the exploitation of IP cameras and/or network video recorder (NVR) and DVR devices, either using the Specter botnet or through a vulnerable WordPress server found in the victim’s environment, researchers said.

Researchers said SparklingGoblin has continuously targeted this organization over a long period of time, successfully compromising a print server, an email server, and a server used to manage student schedules and course registrations.

Additionally, the Specter RAT, first identified by 360 Netlab researchers, appears to be a SideWalk Linux variant, as evidenced by multiple similarities between the sample identified by ESET researchers.

Tech News

ThreatModeler 6.0

Developers can now simplify threat modelling with ThreatModeler 6.0

‘ThreatModeler’, a threat modelling and cloud infrastructure company, has released version 6.0…


Oracle Announces MySQL HeatWave on AWS

Through MySQL, AWS users can run transaction processing, real-time analytics, and machine learning in one service MySQL HeatWave offers 7X…

Our Latest Blog

Beyond the Basics Advanced Techniques and Tools for Ethical Hacking Professionals

Beyond the Basics: Advanced Techniques and Tools for Ethical Hacking Professionals

Are you an ethical hacking professional looking to take your skills to the next level?...
Read More
Mastering Full Stack Python Development with Django A Comprehensive Guide

Mastering Full Stack Python Development with Django: A Comprehensive Guide

Python is a powerful programming language that has taken the world of web development by...
Read More
Mastering Machine Learning A Beginner's Guide to Python

Mastering Machine Learning: A Beginner’s Guide to Python

Welcome to the world of machine learning! With the ever-increasing demand for artificial intelligence and...
Read More

Follow Us


Browse LSET presentations to understand interesting…

Explore Now

Get complete guides to empower yourself academically…

Explore Now

Learn about information technology and business…

Explore Now