Passive backdoors are implants designed to be stealthier than common backdoors, especially by avoiding listening on ports or pinging back to a Command and Control server. Over the last few years, we have detected a number of different passive Linux backdoors used in post-exploitation phases. Adversaries are actively using these network backdoors as a stealthy persistence technique.
Follow a BPFDoor compromise step by step to see how this stealthy, custom backdoor has gone five years undetected by blending malicious traffic into legitimate traffic. This unique Linux backdoor is incredibly effective at gaining persistence on targeted systems, typically in telecommunications, government, education, and logistics organizations.
Join Nicole Carignan, CounterCraft Customer Success Manager, and David Barroso, CEO, for a webinar on June 28, 2022 at 12pm EST / 18h CET to discuss passive Linux backdoors, talk through the BPFDoor compromise in step-by-step detail, go over the TTPs, and talk about the possible implications of this compromise going forward.
BPFDoor and So Much More
An Analysis of Linux Network Passive Backdoors
Attendees of the webinar will also receive:
- The current intel from the attack
- Information on how to detect BPFDoor compromise
- A download of the IOCs, file names, and source code associated with the incident
- Resources for further reading
- Special trial offer of CounterCraft The Pulse, our deception farm product, coming in 2022
Find out more about a real-life BPFDoor compromise in our previous blog post.