SysJoker Malware Attacking Windows, Linux and Mac Users Abusing OneDrive

The multi-platform SysJoker malware, which has several Windows, Linux, and Mac variants, is being used by a Hamas-affiliated group to target Israel. Researchers from Checkpoint disclosed its growth and variations, and a recent switch to the Rust programming language for more intricate execution flow. The threat actor has also changed from using Google Drive to OneDrive to store dynamic C2 (command and control server) URLs, giving them an upper hand over various reputation-based services.