BPFDoor Linux Backdoor

BPFDoor is a highly evasive surveillance tool using the Berkeley Packet Filter (BPF). It is allegedly attributed to Chinese threat actors. It is assumed to be deployed on thousands of Linux systems, its controller has gone almost completely unnoticed by endpoint protection vendors despite it being in use for at least five years. BPFDoor works as an implant without opening any additional TCP or UDP ports instead it listen and send data on existing in use ports, by utilizing power of the BPF.

BPFDoor Implant Signatures

Family: HEUR:Backdoor.Linux.Agent.dl
MD5: 8f05657f0bd8f4eb60fba59cc94fe189
SHA256: 93f4262fce8c6b4f8e239c35a0679fbbbb722141b95a5f2af53a2bcafe4edd1c

BPFDoor Implant Download

        Click to Load Comments
    

		B1txor20 Linux Botnet B1txor20 is assembling its army of bot on Linux machines. It is explo...
		TellYouThePass Ransomware Download TellYouThePass ransomware was an old dormant ransomware supposed to b...
		BlackCat Ransomware Download ALPHV BlackCat Ransomware or simply BlackCat Rasomware is an advance ...
		Cerber Ransomware Download Cerber Ransomware encrypt Windows and Linux machines by exploiting Atl...
		linux_avp Malware Download Hacker skim sensitive information from e-commerce website by deploying...
		IPsec Helper Backdoor Download IPsec Helper is a backdoor implant used by Agrius APT. Agrius is attri...
		RedXOR Linux Backdoor Download Linux that was assumed to be "safe" from malware is getting attention...
		KOBALOS Linux Malware Download Kobalos, a new malware that targets Linux, FreeBSD and Solaris High ...

BPFDoor Linux Backdoor

BPFDoor Implant Signatures

BPFDoor Implant Download

Subscribe YouTube

Related Posts