Blog  

{Webinar} BPFDoor and So Much More: An Analysis of Linux Network Passive Backdoors

BPFDoor and So Much More: An Analysis of Linux Network Passive Backdoors

Passive backdoors are implants designed to be stealthier than common backdoors, especially by avoiding listening on ports or pinging back to a Command and Control server. Over the last few years, we have detected a number of different passive Linux backdoors used in post-exploitation phases. Adversaries are actively using these network backdoors as a stealthy persistence technique.

Follow a BPFDoor compromise step-by-step to see how this stealthy, custom backdoor has gone five years undetected by blending malicious traffic blends into legitimate traffic. This unique Linux backdoor is incredibly effective at gaining persistence on targeted systems, typically in telecommunications, government, education, and logistics organizations.

Join Nicole Carignan, CounterCraft Customer Success Manager, and David Barroso, CEO, for a webinar on June 28, 2022 at 12pm EST / 18h CET to discuss passive Linux backdoors, talk through the BPFDoor compromise in step-by-step detail, go over the TTPs, and talk about the possible implications of this compromise going forward.


BPFDoor and So Much More
An Analysis of Linux Network Passive Backdoors

Date: Tuesday, June 28, 2022
Time: 6pm CET | 12am EST
Sign up here: https://us02web.zoom.us/webinar/register/1416558093968/WN_spgO8aJaSBWgyEA6RSmLFQ.



What’s Included

Attendees of the webinar will also receive:

  • - The current intel from the attack
  • - Information on how to detect BPFDoor compromise
  • - A download of the IOCs, file names, and source code associated with the incident
  • - Resources for further reading
  • - Special trial offer of CounterCraft The Pulse, our deception farm product, coming in 2022

Find out more about a real-life BPFDoor compromise at our previous blogpost.

Sign up for the webinar here.

{Webinar} BPFDoor and So Much More: An Analysis of Linux Network Passive Backdoors
Sign up for the June 28 webinar today

Like Jim Morrison said, this is the end. But you can...