New Bifrost malware for Linux mimics VMware domain for evasion

New Bifrost malware for Linux mimics VMware domain for evasion


A new Linux variant of the Bifrost remote access trojan (RAT) employs several novel evasion techniques, including the use of a deceptive domain that was made to appear as part of VMware.

First identified twenty years ago, Bifrost is one of the longest-standing RAT threats in circulation. It infects users via malicious email attachments or payload-dropping sites and then collects sensitive information from the host.

Palo Alto Networks’ Unit 42 researchers report observing a spike in…



Source link