Ars Technica

Backdoor infecting VPNs used “magic packets” for stealth and security

When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can’t be leveraged by competing groups or detected by defenders. One countermeasure is ...
ZDNet

This new Linux malware has a sneaky way of staying hidden

A newly discovered stealthy piece of Linux malware called Syslogk delivers a backdoor that remains hidden on the targeted machine until its controller, from anywhere on the internet, transmits ...
Bleeping Computer

Stealthy 'Magic Packet' malware targets Juniper VPN gateways

A malicious campaign has been specifically targeting Juniper edge devices, many acting as VPN gateways, with malware dubbed J-magic that starts a reverse shell only if it detects a “magic packet” in ...
Bleeping Computer

New Syslogk Linux rootkit uses magic packets to trigger backdoor

A new Linux rootkit malware named ‘Syslogk’ is being used in attacks to hide malicious processes, using specially crafted "magic packets" to awaken a backdoor laying dormant on the device. The malware ...
Ars Technica

Backdoor infecting VPNs used “magic packets” for stealth and security

oh, it's like... port triggering, plus the college assignment that required me to clumsily assemble my own packet in C! magic packets makes for a better headline, though ...anyways, what makes this ...