"New Alchimist Attack Framework Targets Windows, macOS, Linux"

Researchers discovered a new attack and command-and-control (C2) framework known as 'Alchimist,' which appears to be actively used in attacks against Windows, Linux, and macOS systems. The framework and its files are 64-bit executables written in Golang, a programming language that simplifies cross-compatibility between operating systems. Alchimist provides a web-based interface in Simplified Chinese, and it is similar to Manjusaka, a recently emerged post-exploitation attack framework that has become popular among Chinese hackers. The Cisco Talos researchers who discovered both frameworks emphasize their similarities, while explaining that there are enough technical differences to conclude that different authors created them. Alchimist provides operators with an easy-to-use framework for generating and configuring payloads that can be placed on infected devices to remotely take screenshots, run arbitrary commands, and execute shellcode. The framework allows developers to create custom infection mechanisms for deploying the 'Insekt' Remote Access Trojan (RAT) on devices, and it helps hackers by generating PowerShell (for Windows) and wget (for Linux) code snippets for RAT deployment. This article continues to discuss findings surrounding the Alchimist attack framework.

Bleeping Computer reports "New Alchimist Attack Framework Targets Windows, macOS, Linux"

Submitted by Anonymous on