StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices

Cybersecurity firm Kaspersky has identified a complex malware strain, codenamed StripedFly, that has infected over a million devices worldwide since 2016. The malware can support both Linux and Windows and uses an exploit attributed to the Equation Group to access and infect systems. It can download files and execute scripts from a remote Bitbucket repository and, once inside a system, can disable the SMBv1 protocol and spread to other machines. The malware’s origins are unknown, but its sophistication suggests a link to advanced persistent threat (APT) actors.