Storia in 2 fonti

China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade

Sygnia says Velvet Ant modified Linux PAM and OpenSSH components to steal credentials and maintain stealthy access since 2016.

Raccontata da

thehackernews.com

bleepingcomputer.com

Confronto fonti

2 prospettive sulla stessa storia

AI · summaries

thehackernews.comStai leggendo5 g fa

China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade

China-linked group Velvet Ant compromised PAM/OpenSSH—the Linux authentication layer—for nearly a decade, stealing credentials while evading detection through the trusted login system itself. For IT managers, this signals that authentication infrastructure requires file-integrity monitoring, not passive alerting; password resets fail when PAM/SSH are backdoored.

originale

bleepingcomputer.com5 g fa

Chinese hackers hijack auth flow, spy on isolated network for a decade

Velvet Ant backdoored PAM/OpenSSH on isolated infrastructure for 10 years, capturing all admin credentials since 2016. Auth compromise bypasses detection—defense requires EDR on auth stack, offline immutable backups, and file integrity monitoring.

Leggi questa versione → originale

Timeline cronologica

venerdì 12 giugno 2026·thehackernews.com
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Sygnia says Velvet Ant modified Linux PAM and OpenSSH components to steal credentials and maintain stealthy access since 2016.
sabato 13 giugno 2026·bleepingcomputer.com
Chinese hackers hijack auth flow, spy on isolated network for a decade
Chinese hackers took control of a target organization's authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity.