Cert2Connect

Bifrost RAT Adds Innovative Technique To Evade Detection

A new Linux variant of the Bifrost remote access Trojan (RAT) has emerged utilizing a deceptive domain download.vmfare[.]com to avoid detection.This domain imitates the legitimate VMware domain enabling the malware to bypass security measures and compromise targeted systems. Bifrost initially identified in 2004 allows attackers to gather sensitive information such as hostname and IP address. Once installed the malware collects user data and transmits it to the attackers server using RC4 encryption. Additionally research has uncovered that the malicious IP address hosts an ARM version of Bifrost suggesting an expansion of the attackers target scope to ARM-based devices which are becoming increasingly prevalent. This trend indicates a likelihood of cybercriminals incorporating ARM-based malware into their tactics.
Overzicht

WILT U WETEN HOE DIT RISICO
UITGEBANNEN KAN WORDEN?

Wij helpen je graag. Indien gewenst geven we graag een presentatie of demo van onze oplossingsaanpak. Je vindt ons ook regelmatig op beurzen en events. Volg de evenementenpagina op deze site of meld je aan via de contactpagina voor onze nieuwsbrief.

Maak een afspraak