Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor

thehackernews.com·May 21, 2026

Researchers have revealed a new Linux malware called Showboat, which has been used in a campaign against a Middle Eastern telecommunications provider since mid-2022. Showboat is a modular framework that allows for remote access, file transfer, and SOCKS5 proxy functionality.

The most valuable insight for you is the emergence of Showboat, a modular post-exploitation framework targeting Linux systems, highlighting the need to enhance defenses against modular malware capable of remote shell access and file transfers. Prioritize updating threat intelligence strategies and continuously monitoring Linux-based environments, especially in sectors like telecommunications, to detect and mitigate such sophisticated threats effectively.

Want more content like this?

twixb tracks your favorite blogs and social media, filters by keywords, and delivers personalized key learnings — straight to your inbox.

Create Your Own →Explore Newsfeeds

More from Cybersecurity News

Recent stories curated alongside this one.

Browse all Cybersecurity News →

Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor

Want more content like this?

More from Cybersecurity News

[Virtual Event] Anatomy of a Data Breach: What to Do if it Happens to You

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

Red Hat npm packages compromised to steal developer credentials

Spain arrests doxer leaking sensitive data of govt employees

WP Maps Pro Vulnerability Exploited to Take Over WordPress Sites