Budworm hackers target telcos and govt orgs with custom malware

Chinese cyber-espionage group “Budworm” has been identified by Symantec’s Threat Hunter team as behind recent attacks on a Middle Eastern telecom firm and an Asian government entity. Distributed widely since 2022, a Linux variant of the malware, SysUpdate, was first spotted in March 2023. Targeting vital sectors since 2013, Budworm uses SysUpdate as a backdoor, deploying it with legitimate software to evade compromised hosts’ security tools.