Rob Joyce (NSA Cyber Director) Comments on the Acid Variants
This is a threat to watch. My concern is elevated because this variant is a more powerful AcidRain variant, covering more hardware and operating system types.
![New Wiper Malware “AcidPour” Targets Linux x86 Devices](https://i0.wp.com/www.viritux.com/wp-content/uploads/2024/03/AcidPour_Malware_Goes_After_Linux_Systems_illus.jpg?resize=640%2C360&quality=89&ssl=1)
What do we know about the Acid Variants?
Acidrain and AcidPour are both malicious software programs, but they have some key differences:
AcidRain:
- Origin: First discovered in March 2022.
- Target: Primarily embedded Linux systems, like those used in routers and modems.
- Function: Acts as a data wiper, deleting files and rendering devices inoperable.
- Impact: AcidRain was used in a cyberattack against Viasat, a satellite communications provider, disrupting service across Ukraine and Europe.
AcidPour:
- Origin: A variant of AcidRain discovered in March 2024, specifically targeting Linux x86 network devices (common desktop and server operating systems).
- Function: Similar to AcidRain, it wipes data and disrupts operations.
- Connection: While related to AcidRain, AcidPour has significant codebase differences, suggesting it might be a more sophisticated version or potentially from a different group.
- Target: The specific targets of AcidPour are still unclear, but its discovery in Ukraine raises concerns due to AcidRain’s prior use there.
Here’s a table summarizing the key points:
Feature | AcidRain | AcidPour |
---|---|---|
Origin | March 2022 | March 2024, variant of AcidRain |
Target | Embedded Linux systems | Linux x86 network devices (common OS) |
Function | Data wiper | Data wiper |
Impact | Disrupted communication | Potential disruption, investigation ongoing |
Connection to Ukraine | Used in cyberattack | Discovered in Ukraine, target unclear |
For more information on AcidPour – Click Here
For more posts – Click Here