WSL (Windows Subsystem for Linux) enables running a Linux environment on Windows, allowing developers and cybersecurity workflows to leverage Linux tools. It poses security risks, as malware can exploit WSL by checking for its presence and executing commands. An infostealer trojan, “ottercookie-socketScript-module-3.js,” utilizes WSL to access the Windows filesystem and obtain user information.
WSL in the Malware Ecosystem

