Evasive Linux Malware Detection Video Presentation (BPFDoor)

Linux Forensics Videos Presentations Linux Security Malware Education

Date
November 14, 2023
Author
The Sandfly Security Team

Sandfly founder Craig Rowland recently spoke at the Oslo Cold Incident Response Conference on evasive Linux malware. Although the conference talks were not recorded, he made a video of the presentation he gave, which is embedded below.

This talk focused on the infamous BPFDoor backdoor. BPFDoor avoided detection on Linux through a combination of simple evasion techniques and careful tradecraft:

  • Process masquerading

  • Anti-forensics

  • Firewall bypasses

  • Covert communications and encryption

  • Professionally written and deployed

In this presentation we go over the elements that make for effective Linux malware and how to detect it using simple command-line forensics.
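As an added example of the kind of command-line forensics the talk refers to (this script is not from the presentation, the slides or Sandfly's own tooling), the following POSIX shell snippet cross-checks the three names Linux keeps for each process: the kernel task name in /proc/PID/comm, argv[0] from /proc/PID/cmdline, and the real executable behind the /proc/PID/exe link. Process masquerading, the first technique in the list above, works by making the first two look benign while the third tells the truth, so a mismatch (or an executable that has been deleted from disk, a common anti-forensics trick) is a lead worth triaging. The check is a heuristic: interpreters, busybox-style multicall binaries and renamed login shells can legitimately trip it, so treat hits as leads rather than verdicts. The sample values in the test section are constructed.

```shell
#!/bin/sh
# Added example (not from the Sandfly post): flag processes whose visible
# name does not match their real executable, or whose executable is gone.

# is_masquerade COMM CMDLINE EXE
#   COMM    - contents of /proc/PID/comm (kernel task name, max 15 bytes)
#   CMDLINE - /proc/PID/cmdline with NULs turned into spaces
#   EXE     - target of the /proc/PID/exe symlink
# Prints a one-line reason and returns 0 when the process looks suspicious,
# returns 1 (prints nothing) when the three names agree.
is_masquerade() {
  comm=$1; cmdline=$2; exe=$3

  # Binary unlinked after start: the kernel appends " (deleted)" to the link.
  case "$exe" in
    *' (deleted)')
      printf 'executable deleted from disk (%s)\n' "$exe"; return 0 ;;
  esac

  exe_base=${exe##*/}
  # comm is the first 15 bytes of the executable name unless the process
  # changed it (e.g. via prctl(PR_SET_NAME)).
  exe_comm=$(printf '%.15s' "$exe_base")
  if [ "$comm" != "$exe_comm" ]; then
    printf 'comm "%s" does not match executable %s\n' "$comm" "$exe"; return 0
  fi

  # argv[0] is freely rewritable by the process; login shells prefix it with '-'.
  argv0=${cmdline%% *}
  argv0=${argv0#-}
  argv0_base=${argv0##*/}
  if [ -n "$argv0_base" ] && [ "$argv0_base" != "$exe_base" ]; then
    printf 'argv[0] "%s" does not match executable %s\n' "$argv0" "$exe"; return 0
  fi
  return 1
}

# scan_proc: run is_masquerade over every live process on this host.
# Kernel threads and zombies have no readable exe link and are skipped.
scan_proc() {
  for p in /proc/[0-9]*; do
    pid=${p#/proc/}
    exe=$(readlink "$p/exe" 2>/dev/null) || continue
    comm=$(cat "$p/comm" 2>/dev/null)
    cmdline=$(tr '\0' ' ' < "$p/cmdline" 2>/dev/null)
    if reason=$(is_masquerade "$comm" "$cmdline" "$exe"); then
      printf 'pid %s: %s\n' "$pid" "$reason"
    fi
  done
}

# Usage: sh proc_masquerade.sh --scan   (run as root to see every process)
case "${1:-}" in
  --scan) scan_proc ;;
esac
```

Run it as root so /proc/PID/exe is readable for every process; an unprivileged run only sees your own processes. Each reported line names the PID and which of the three names disagreed, which is the starting point for pulling the binary (or its memory image, if it was deleted) for further analysis.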

Slides for the talk are below:

Evasive Linux Malware and Backdoors Slides

We thank the organizers of the conference for having us speak.
