New malware SysJoker infects Windows, Mac, and Linux OS

It seems like malware threats aren’t resting on their laurels in 2022 as another cybersecurity issue has arisen. Intezer researchers have discovered SysJoker that targets Windows, Mac, and Linux OS. Even if you have Windows 11, it seems your PC may not be safe from being a target.

While Intezer first discovered SysJoker in December 2021, the researchers took their time studying the cybersecurity threat. This new malware comes in the wake of Google warning about new security flaws in Chrome and Purple Fox becoming a trojan virus in fake Telegram downloads. However, the new SysJoker seems to be more potent, finding a way to evade detection by Linux, Windows, and Mac operating systems.

How SysJoker works is by remaining inactive for about two minutes before jumping into action. It creates a directory that looks like it belongs to an Intel graphics interface service while planting the file igfxCUIService.exe. From there, the malware uses Living off the Land (LOtL) functions, quietly gathering information about your device.

In summary, the security threat invades your registry and creates a link to Google Drive where hackers can then drop any payload or malware onto your server or system. If you think your antivirus program will save you, think again. Intezer used 57 anti-malware tools, and SysJoker evaded them all.

It’s not the first malware to show signs of evasion in 2022. MoonBounce has found a way to survive OS reinstalls by infecting the UEFI firmware. If there’s anything we need to learn about cybersecurity this year, it’s that we’ll need to be more vigilant with what we browse, download and install. To that end, please read our guide for easy steps to be safe online this year.