Attackers Exploit Solaris Vulnerability To Install BPFDoor Malware

Share post:

Threat actors are exploiting an old Solaris vulnerability to install BPFDoor malware.

The malicious software was discovered by researchers at PricewaterhouseCoopers (PwC) and linked to a China-based threat actor tracked as Red Menshen.

BPFDoor is a custom backdoor that has been in use for the last 5 years. It cannot be stopped by firewalls, it can work without opening any ports and does not require a command and control server as it can receive commands from any IP address on the web.

According to CrowdStrike, attackers are targeting Linux and Solaris systems that use the custom-built BPFDoor implant on telecommunications providers to steal personal user data.

The researchers pointed out that detecting BPFDoor/JustForFun implants on a Linux system can be very difficult, as the threat actors modifies existing SysVinit scripts on the host to achieve persistence. Therefore, reviewing the lines of code in SysVinit scripts is unlikely to reveal the reference to the implant.

The sources for this piece include an article in BleepingComputer.



Related articles

Microsoft announces enhanced security feature for OneNote

Microsoft has released further information on the increased security measures it is deploying for OneNote in order to...

Russian hacker group steals Emails of NATO officials and diplomats

Since February 2023, a Russian hacking gang known as TA473 or 'Winter Vivern' has targeted unpatched Zimbra endpoints...

Nearly 70% of IT leaders to increase outsourcing

According to research performed by software development business JetRockets, almost 70% of IT executives are increasing their demand...

Employers increasing standards for employee performance reviews to cut costs

Many large firms, like Google, Salesforce, and Goldman Sachs, are instituting tighter employee performance review criteria. Their goal...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways