Chinese Cyber Threat Group Targets Linux Systems with New Tools

The cyber threat group UNC5174, linked to China, has launched a new campaign targeting Linux systems using a variant of the SNOWLIGHT malware and a new open-source tool called VShell. Threat actors are increasingly using open-source tools for cost and concealment reasons, allowing them to blend in with legitimate users. This campaign demonstrates an evolution in the tactics of cybercriminals to compromise Linux systems.