"Linux Variants of Bifrost Trojan Evade Detection via Typosquatting"

A 20-year-old Remote Access Trojan (RAT) has reemerged with new variants targeting Linux and impersonating a trusted hosted domain. Palo Alto Networks discovered a new Linux variant of the Bifrost malware, also known as Bifrose, that applies the typosquatting tactic to mimic a legitimate VMware domain, allowing the malware to avoid detection. Bifrost is a RAT that has been active since 2004, gathering sensitive information from compromised systems, including hostnames and IP addresses. Bifrost Linux variants have increased significantly in recent months, raising concerns. This article continues to discuss findings regarding the Linux variants of the Bifrost RAT.

Dark Reading reports "Linux Variants of Bifrost Trojan Evade Detection via Typosquatting"

Submitted by grigby1