Pierluigi Paganini March 04, 2024
New Linux variant of BIFROSE RAT uses deceptive domain strategies

A new Linux variant of the remote access trojan (RAT) BIFROSE (aka Bifrost) uses a deceptive domain mimicking VMware. Palo Alto Networks Unit 42 researchers discovered a new Linux variant of Bifrost (aka Bifrose) RAT that uses a deceptive domain (download.vmfare[.]com) that mimics the legitimate VMware domain. The Bifrost RAT has been active since 2004, […]

Pierluigi Paganini December 11, 2015
A well-funded cyber criminal group targets Asian organizations

Trend Micro announced that the Asian market are being targeted more than ever by well-funded cyber criminal group that appears very organized. The attacks rely on the Bifrose code to develop their backdoor, a malware that has been around since 2008. In 2014 it was reported that a new version of Bifrose appeared in the wild. Among the improvements observed […]

Pierluigi Paganini August 30, 2014
Bifrose malware leveraging on Tor caught in a targeted attack on a device manufacturer

Security experts at TrendMicro have detected a new variant of the BIFROSE malware leveraging on the Tor network in a targeted attack. Security experts at TrendMicro have been investigating a targeted attack against a device manufacturer when they discovered that BIFROSE malware, a well-known backdoor, has infected the systems of the company.  BIFROSE has been around for many […]