A new Linux variant of the Bifrost remote access trojan (RAT) employs several novel evasion techniques, including the use of a deceptive domain that was made to appear as part of VMware.
First identified twenty years ago, Bifrost is one of the longest-standing RAT threats in circulation. It infects users via malicious email attachments or payload-dropping sites and then collects sensitive information from the host.
Palo Alto Networks’ Unit 42 researchers report observing a spike in…