The China-aligned hacker group called Gelsemium has been spotted using a new sneaky tool named WolfsBane to attack computers in East and Southeast Asia. This info comes from ESET, a cybersecurity company, who saw some weird files from Taiwan, the Philippines, and Singapore on a website called VirusTotal in March of this year.
WolfsBane is like a computer bug that lets the bad guys control your Linux computer without you knowing. It's kind of like their old tool, Gelsevirine, but for Windows. They've also found something they're not totally sure about called FireWood that might be related to another set of hacker tools named Project Wood. FireWood might be used by more than just Gelsemium, though.
These tools are super spy-like. They want to get into your computer to grab important stuff like login info and secret documents without being caught. The bad guys probably used a hidden weak spot in a website to get in and plant the WolfsBane backdoor. Then, they use it to control your computer from far away without you even knowing.
WolfsBane and FireWood are like ninjas because they use tricks to hide themselves. WolfsBane uses this thing called a rootkit to stay hidden on your computer, and FireWood has a special part called usbdev.ko that lets it hide what it's doing.
This is the first time anyone's seen Gelsemium use something like this on Linux computers. It seems like more and more hackers are going after these types of systems because email and computer protections are getting better, making it harder for them to attack Windows computers. It's like they're playing a game of cat and mouse, and now they're checking out the cheese on the Linux side of the house.