espn ✔️ on Nostr: 🚨 Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection ...
🚨 Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The "Linux-specific malware infection chain that starts with a spam email with a malicious RAR archive file," Trellix researcher Sagar Bade said in a technical write-up. "The payload isn't hidden inside the file content or a macro, it's encoded directly.
Published at 2025-08-22 15:44:47 UTC