URL has been copied successfully!
Modified OpenSSH Binaries Let Velvet Ant Steal Passwords, Log Commands, and Hide Activity
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Modified OpenSSH Binaries Let Velvet Ant Steal Passwords, Log Commands, and Hide Activity


Tags: , , , , ,

A long-running, stealthy campaign attributed to the China-nexus actor tracked as Velvet Ant has been found to include deeply engineered backdoors in the authentication stack: modified OpenSSH binaries and tampered PAM modules that exfiltrate credentials, record every executed command, and conceal attacker activity. The discovery, part of Sygnia’s Operation Highland investigation, reveals nearly a decade […] The post Modified OpenSSH Binaries Let Velvet Ant Steal Passwords, Log Commands, and Hide Activity appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

First seen on gbhackers.com

Jump to article: gbhackers.com/modified-openssh-binaries/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. The 2024 cyberwar playbook: Tricks used by nation-state actors
  2. The 2024 cyberwar playbook: Tricks used by nation-state actors
  3. The state of intrusions: Stolen credentials and perimeter exploits on the rise, as phishing wanes
  4. The state of intrusions: Stolen credentials and perimeter exploits on the rise, as phishing wanes