Backdoor Infecting VPNs Used ‘Magic Packets’ For Stealth and Security

0
26
An anonymous reader quotes a report from Ars Technica: When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can’t be leveraged by competing groups or detected by defenders. One countermeasure is to equip the backdoor with a passive agent that remains dormant until it receives what’s known in the business as a “magic packet.

” On Thursday, researchers revealed that a never-before-seen backdoor that quietly took hold of dozens of enterprise VPNs running Juniper Network’s Junos OS has been doing just that. J-Magic, the tracking name for the backdoor, goes one step further to prevent unauthorized access.

After receiving a magic packet hidden in the normal flow of TCP […].

To see the full article CLICK HERE