Advertisement
Top
image credit: Pexels

New Linux variant of BIFROSE RAT uses deceptive domain strategies

March 4, 2024

Via: Security Affairs
Category:

Palo Alto Networks Unit 42 researchers discovered a new Linux variant of Bifrost (aka Bifrose) RAT that uses a deceptive domain (download.vmfare[.]com) that mimics the legitimate VMware domain.

The Bifrost RAT has been active since 2004, it allows its operators to gather sensitive information, including hostname and IP address. BIFROSE has data stealing capability, but it is mostly popular for its keylogging routines. The researchers also observed a spike in Bifrost’s Linux variants during the past few months.

Read More on Security Affairs

RELATED PUBLICATIONS

AI set to play key role in future phishing attacks
U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity
Report: Russian Hackers Targeting Ukrainian Soldiers on Apps

Latest Publications

Sweden’s liquor supply severely impacted by ransomware attack on logistics company
Autodesk Drive Abused in Phishing Attacks 
Google fixed critical Chrome vulnerability CVE-2024-4058
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!