[Intel]: https://www.trendmicro.com/en_us/research/23/g/detecting-bpfdoor-backdoor-variants-abusing-bpf-filters.html #725

@timb-machine

Description

Area

Malware reports

Parent threat

Defense Evasion

Finding

https://www.trendmicro.com/en_us/research/23/g/detecting-bpfdoor-backdoor-variants-abusing-bpf-filters.html

Industry reference

attack:T1205.002:Socket Filters
attack:T1205:Traffic Signaling
uses:BPF

Malware reference

BPFDoor
/malware/binaries/BPFDoor
Unix.Backdoor.RedMenshen

Actor reference

DecisiveArchitect

Component

Linux
Solaris

Scenario

No response
