Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year.
“The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system authentication and gain persistent SSH access,” Nextron Systems researcher Pierre-Henri Pezier said.
Pluggable Authentication Modules
Hacker news
New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft
