New 'Plague' PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft
06.08.2025

Undetected for a year, Plague malware targets Linux PAM to hijack SSH access and erase forensic traces.
A stealthy new backdoor named 'Plague' has been lurking in Linux systems, targeting the Pluggable Authentication Modules (PAM) framework to silently steal credentials and cover its tracks. This malware has flown under the radar for a year, proving how sneaky and dangerous it is.
Plague is no ordinary malware. It's designed to hijack SSH access, allowing attackers to sneak into systems undetected. Once inside, it doesn't just steal data—it erases forensic traces, making it a nightmare for cybersecurity teams trying to track its movements.

The discovery of Plague highlights the evolving sophistication of cyber threats targeting Linux systems, which are often considered more secure than their Windows counterparts. This backdoor is a stark reminder that no system is immune to attack.
Experts from Nextron Systems have been reverse engineering Plague to understand its mechanisms and develop countermeasures. Their findings are a wake-up call for organizations relying on Linux for critical operations.
- Targets Linux PAM to hijack SSH access
- Erases forensic traces to avoid detection
- Undetected for a year before discovery
- Highlights the need for advanced threat detection on Linux systems
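
Because the backdoor lives in the PAM layer, one practical defensive check is to audit which modules the SSH authentication stack actually loads. The sketch below is an added example, not code from Nextron Systems or from the malware analysis: it parses a PAM service file and flags modules that are outside a known-good baseline or loaded from unusual paths. The directory list, baseline set and sample stack are assumptions constructed for illustration.

```python
import re

# Assumption: common Linux-PAM module directories; adjust per distribution.
STANDARD_DIRS = ("/lib/security/", "/lib64/security/", "/usr/lib/security/",
                 "/usr/lib64/security/", "/lib/x86_64-linux-gnu/security/",
                 "/usr/lib/x86_64-linux-gnu/security/")

# type control module [args]; leading "-" and bracketed controls are allowed.
LINE_RE = re.compile(
    r"^-?(?P<type>auth|account|password|session)\s+"
    r"(?P<control>\[[^\]]*\]|\S+)\s+(?P<module>\S+)", re.I)

def parse_pam(text):
    """Return (lineno, type, control, module) for every module line."""
    entries = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        m = LINE_RE.match(line)
        if not m or m["control"].lower() in ("include", "substack"):
            continue  # include/substack (and unmatched @include) name files, not modules
        entries.append((n, m["type"].lower(), m["control"], m["module"]))
    return entries

def audit(text, baseline):
    """Flag modules loaded from unusual paths or absent from the baseline."""
    findings = []
    for n, _type, _control, module in parse_pam(text):
        name = module.rsplit("/", 1)[-1]
        if module.startswith("/") and not module.startswith(STANDARD_DIRS):
            findings.append((n, module, "path outside standard module directories"))
        elif name not in baseline:
            findings.append((n, module, "module not in baseline"))
    return findings

# Constructed sshd stack and baseline (hypothetical names, not from the report).
SAMPLE = """\
# /etc/pam.d/sshd (constructed)
auth       required     pam_env.so
auth       [success=1 default=ignore] pam_unix.so nullok
auth       sufficient   /tmp/.cache/pam_helper.so
-session   optional     pam_systemd.so
account    include      common-account
session    required     pam_audit2.so   # unfamiliar module
@include common-password
"""
BASELINE = {"pam_env.so", "pam_unix.so", "pam_systemd.so"}

if __name__ == "__main__":
    print(*audit(SAMPLE, BASELINE), sep="\n")
```

A name-based baseline does not catch a trusted module whose file has been replaced on disk, so pair it with package-manager verification such as `rpm -V` or `dpkg --verify`.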

