A long-running, stealthy campaign attributed to the China-nexus actor tracked as Velvet Ant has been found to include deeply engineered backdoors in the authentication stack: modified OpenSSH binaries and tampered PAM modules that exfiltrate credentials, record every executed command, and conceal attacker activity. The discovery, part of Sygnia’s Operation Highland investigation, reveals nearly a decade […]

The post Modified OpenSSH Binaries Let Velvet Ant Steal Passwords, Log Commands, and Hide Activity appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/modified-openssh-binaries/