Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild - SecurityWeek

The BPFDoor Linux backdoor, attributed to Chinese state-sponsored threat actors, is using a controller to open reverse shells and control additional hosts. The backdoor, likely active for nearly a decade, has been used in attacks against various sectors in multiple countries. Trend Micro urges administrators to adopt strong defense measures due to the backdoor’s stealth and evasion techniques.