BPFDoor: Chinese tool almost undetected for FIVE years is second BPF-based attack this year
released on 2022-05-11 @ 10:00:58 AM
Researchers have uncovered a highly evasive Chinese surveillance tool that uses the Berkeley Packet Filter (BPF). The malware, dubbed BPFDoor, is present on “thousands” of Linux systems, and its controller has gone almost completely unnoticed by endpoint protection vendors despite it being in use for at least five years.