BPFDoor is a highly evasive surveillance tool using the Berkeley Packet Filter (BPF). It is allegedly attributed to Chinese threat actors. It is assumed to be deployed on thousands of Linux systems, its controller has gone almost completely unnoticed by endpoint protection vendors despite it being in use for at least five years.

B1txor20 is assembling its army of bot on Linux machines. It is exploiting the Log4j vulnerable systems to gain access and maintain foothold.

BVP47 is a NSA backed Tailored Access oprations (TAO) backdoor. It is detected by Chinese firm back in 2013 which it disclosed now.

Hacker skim sensitive information from e-commerce website by deploying malware dubbed as linux_avp which is written in golang. Analysis of linux_avp suggests that it serves as backdoor, waiting for commands from a Alibaba hosted server 47.113.202.35

IPsec Helper is a backdoor implant used by Agrius APT. Agrius is attributed to Iran and allegedly targets Israeli systems. IPsec Helper is written in .net and provides many services to its owner.