Linux Malware Evades Detection by Hiding Code in RAR Filenames, Delivers VShell Backdoor

Saturday, 23 August

Saturday, 23 August, 2025

Linux Malware Evades Detection by Hiding Code in RAR Filenames, Delivers VShell Backdoor

A new Linux-specific attack sends phishing emails with RAR attachments containing maliciously crafted filenames that embed Base64-encoded Bash commands. When a shell script lists these filenames, the code executes—bypassing antivirus tools that don’t inspect filenames. The embedded payload then downloads an ELF binary tailored to the system’s architecture, installs the VShell backdoor, and connects to a C2 server for encrypted control. This stealthy method exploits shell parsing flaws.

Read full story at The Hacker News

Tags:malware Linux Phishing

Categories

Linux Malware Evades Detection by Hiding Code in RAR Filenames, Delivers VShell Backdoor

Also Read

Linux Malware Evades Detection by Hiding Code in RAR Filenames, Delivers VShell Backdoor

China Proposes Draft Rules to Ensure Fair, Transparent Pricing on Internet Platforms

Meta Licenses Midjourney’s Aesthetic AI Tech to Elevate Its Visual Generation

Databricks to Acquire Sequoia-Backed Tecton to Power Real-Time AI Agent Workflows

TRAI’s AI Regulatory Blueprint Under Government Review as MeitY Advances Trustworthy AI Projects

Investors Pin Hopes on Nvidia Earnings as U.S. Tech Shares Show Weakness

AI’s Hidden Climate Toll: Data Centers Devour Water and Energy at Alarming Rates

Apple Plans TechWoven Cases for iPhone 17 After FineWoven Durability Backlash

Indian Government Clarifies: TikTok Ban Still in Place Despite Website Access Restoration

Subscribe To Our Newsletter.