New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft

Cybersecurity researchers have discovered a new Linux backdoor named Plague that has remained undetected for a year. The malware uses a malicious PAM module to bypass authentication and maintain persistent access, with active development observed.

Key points

  • Plague is a previously undocumented Linux backdoor that evades detection by security tools.
  • It operates as a malicious PAM module to silently bypass system authentication and access SSH securely.
  • Multiple artifacts suggest ongoing development by unknown threat actors since July 2024.
  • Features include static credentials, anti-debugging techniques, and stealth measures like environment variable manipulation.
  • Plague is deeply integrated into the authentication system, making it difficult to detect and remove.
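Because the backdoor lives in the PAM stack, one defensive check is to list every module a service file loads and compare it with a known-good baseline. The following is an added example, not code from the article or the researchers; the sample config, the module name `pam_example_extra.so`, the file contents and the baseline are all constructed for illustration.

```python
import hashlib
import re

# One PAM rule: type, control (single word or [bracketed list]), module.
RULE = re.compile(r"^-?(auth|account|password|session)\s+(\[[^\]]*\]|\S+)\s+(\S+)")

def referenced_modules(pam_text):
    """Return the set of modules a PAM service file loads."""
    modules = set()
    for line in pam_text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        m = RULE.match(line)
        # "include"/"substack" name another config file, not a module
        if m and m.group(2) not in ("include", "substack"):
            modules.add(m.group(3))
    return modules

def sha256(data):
    return hashlib.sha256(data).hexdigest()

def audit(pam_text, on_disk, baseline):
    """on_disk: module -> file bytes; baseline: module -> expected SHA-256."""
    findings = []
    for mod in sorted(referenced_modules(pam_text)):
        if mod not in baseline:
            findings.append((mod, "not in baseline"))
        elif mod not in on_disk:
            findings.append((mod, "missing on disk"))
        elif sha256(on_disk[mod]) != baseline[mod]:
            findings.append((mod, "hash mismatch"))
    return findings

# Constructed sample: a service file, module contents, and a baseline.
SAMPLE_SSHD = """\
auth     required   pam_env.so
auth     [success=1 default=ignore] pam_unix.so nullok
-session optional   pam_systemd.so
auth     sufficient pam_example_extra.so  # hypothetical unknown module
account  include    system-auth
@include common-session
"""
ON_DISK = {"pam_env.so": b"env", "pam_unix.so": b"tampered",
           "pam_systemd.so": b"systemd", "pam_example_extra.so": b"x"}
BASELINE = {"pam_env.so": sha256(b"env"), "pam_unix.so": sha256(b"unix"),
            "pam_systemd.so": sha256(b"systemd")}

if __name__ == "__main__":
    for mod, reason in audit(SAMPLE_SSHD, ON_DISK, BASELINE):
        print(f"{mod}: {reason}")
```

On a real host the baseline should come from package metadata or a clean image rather than from the machine under inspection, and files pulled in through `include`, `substack` and `@include` need the same audit.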

Read More: https://thehackernews.com/2025/08/new-plague-pam-backdoor-exposes.html