Krasue RAT Malware: A New Threat to Linux Systems

In the field of cybersecurity, a potent and covert threat called Krasue has surfaced. This remote access trojan has been silently infiltrating Linux systems, primarily targeting telecommunications companies since 2021. This blog ...
Developing a Hidden Virtual File System Capability That Emulates the Uroburos Rootkit

A few years ago, I read the “Uroburos: The Snake Rootkit” [1] paper written by Artem Baranov and Deresz and was captivated by the hidden kernel-mode Virtual File System (VFS) functionality implemented ...
The Link Between AWM Proxy & the Glupteba Botnet

On December 7, 2021, Google announced it had sued two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past ...
Professionally Evil Fundamentals: Introduction

LD_PRELOAD – Introduction

Today I wanted to start what I plan to be a small series of blog posts about LD_PRELOAD. LD_PRELOAD is related to Linux-based systems and revolves around the loader system and ...
What Is a Rootkit and How Does It Work?

Here’s everything you need to know about the most dangerous breed of security threats. The cyber security industry might not have perfected the techniques to thwart security threats completely, but... The post ...

Scranos Rootkit Operation Turns Global

Sophisticated threats remain among the main concerns of enterprises today. As environments grow in complexity, malware actors find innovative ways to infiltrate overlooked entry points in networks, hiding behind the scenes to ...
Inside Scranos – A Cross Platform, Rootkit-Enabled Spyware Operation

Last year, the Bitdefender Cyber Threat Intelligence Lab started analysis of a new password- and data-stealing operation based around a rootkit driver digitally signed with a possibly stolen certificate. The operation, partially ...
Six Years and Counting: Inside the Complex Zacinlo Ad Fraud Operation

For more than a decade, adware has helped software creators earn money while bringing free applications to the masses. Headliner games and applications have become widely available to computer and mobile users ...
Intel Releases Microcode Spectre Patches

Intel Warns of Serious Processor Flaws

Intel has released firmware updates for many of its processors to fix eight high-risk flaws that can put systems at risk of complete compromise. The flaws are located in low-level technologies found ...