Open timb-machine opened 5 months ago
Malware reports
Defense Evasion
https://unfinished.bike/fun-with-the-new-bpfdoor-2023
attack:T1205.002:Socket Filters attack:T1205:Traffic Signaling uses:BPF uses:Non-persistentStorage attack:T1070.006:Timestomp attack:T1070.004:File Deletion
BPFDoor /malware/binaries/BPFDoor wltm
No response
Linux
Area
Malware reports
Parent threat
Defense Evasion
Finding
https://unfinished.bike/fun-with-the-new-bpfdoor-2023
Industry reference
attack:T1205.002:Socket Filters attack:T1205:Traffic Signaling uses:BPF uses:Non-persistentStorage attack:T1070.006:Timestomp attack:T1070.004:File Deletion
Malware reference
BPFDoor /malware/binaries/BPFDoor wltm
Actor reference
No response
Component
Linux
Scenario
No response