Verticals Targeted: Not specified. Regions Targeted: Not specified. Related Families: Snowlight dropper. Executive Summary: VShell is a sophisticated Go-based backdoor targeting Linux systems through a novel infection chain that weaponizes filenames in RAR archives. This malware, linked to Chinese APT groups, exploits common shell scripting practices to execute malicious Bash payloads, delivering a stealthy, memory-resident backdoor capable of remote control, file operations, and network tunneling.| PolySwarm Main Blog
A new Linux malware has recently caught the attention of security researchers. Identified as “Plague,”… Newly Discovered Plague Linux Backdoor Malware Remained Undetected For A Year.| Latest Hacking News
An exceptionally stealthy technique to hide files and masquerade processes on Linux systems| haxrob
The venerable BPFDoor malware has once again found itself in the media spotlight. Recent variants avoid existing detections, so we will take a look at samples found in a significant telecommunications provider breach in April 2025. 💡 Recommended for prior reading: Trend Micro (2025), Sandfly Security (2022), Elastic (2022). Detection| haxrob
An exploration into the archeological roots of the BPFDoor Linux malware.| haxrob
Using data from machine learning tools, we predict a surge in cloud attacks leveraging reworked Linux Executable and Linkage Format (ELF) files.| Unit 42