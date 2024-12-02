The malware called PWOBot has already infected a number of Europe-based organisations, particularly in Poland, according to new research. Distribution routes include the Polish file-sharing web service chomikuj.pl. Victims include a Polish national research institution, a Polish shipping company, a large Polish retailer, a Polish information technology organisation, a Danish building company and a French optical equipment provider.

According to security researchers at Palo Alto Networks, the malware itself provides a wealth of functionality, including the ability to download and execute files, execute Python code, log keystrokes, spawn a HTTP server, and mine Bitcoins via the victim’s CPUs and GPUs.

The underlying code is cross-platform, so the malware might easily be ported over to the Linux and OS X operating systems. That fact, coupled with a modular design, makes PWOBot a potentially significant threat.