Between early November to December 2024, researchers uncovered a new Linux malware strain named Auto-color, derived from the filename it adopts after installation. This stealthy backdoor is being deployed against educational institutions and public sector organizations in the U.S. and Asia, enabling attackers to maintain persistent access while evading detection and removal. Once embedded, Auto-color grants threat actors’ full remote control over compromised systems, making it exceptionally difficult to eliminate without specialized security tools. Its ability to blend into the system and resist deletion highlights the growing sophistication of Linux-targeted threats.
What’s new on HivePro
Get through updates and upcoming events, and more directly in your inbox
