China-linked Alloy Taurus APT uses a Linux variant of PingPull malware
![](https://search.ai.wiki/wp-content/uploads/2023/04/china-linked-alloy-taurus-apt-uses-a-linux-variant-of-pingpull-malware.png)
China-linked threat actor tracked as Alloy Taurus is using a Linux variant of the PingPull backdoor and a new tool dubbed Sword2033.
Researchers from Palo Alto Networks Unit 42 recently observed the China-linked Alloy Taurus group (aka GALLIUM, Softcell) targeting …