Articles tagged with: #rootkit
LinkPro Rootkit Attacking GNU/Linux Systems Using eBPF Module to Hide Malicious Activities

Cyber Security News cybersecuritynews.com

A sophisticated rootkit targeting GNU/Linux systems has emerged, leveraging advanced eBPF (extended Berkeley Packet Filter) technology to conceal malicious activities and evade traditional monitoring tools. The threat, known as LinkPro, was discovered during a digital forensic investigation of a compromised AWS-hosted infrastructure, where it functioned as a stealthy backdoor with capabilities ranging from process hiding

New GNU/Linux Rootkit LinkPro Discovered in AWS Infrastructure

cybersecurity www.reddit.com

An investigation into a compromised AWS-hosted infrastructure revealed a new GNU/Linux rootkit called LinkPro. The attackers exploited a vulnerable Jenkins server (CVE-2024-23897) to deploy a malicious Docker image on Kubernetes clusters. The rootkit, written in Golang, features eBPF modules for concealment and remote activation, allowing attackers to gain persistence and execute commands. The sophisticated malware supports multiple communication protocols and uses a 'magic packet' for...

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

The Hacker News thehackernews.com

An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro, according to findings from Synacktiv. "This backdoor features functionalities relying on the installation of two eBPF [extended Berkeley Packet Filter] modules, on the one hand to conceal itself, and on the other hand to be remotely