China-Linked Velvet Ant Group Backdoored Linux Login Software for Nearly a Decade in Operation Highland

By CybersecurityNews

22d ago · 1 min read · en · News

Summary

Security firm Sygnia has uncovered a long-running cyber espionage campaign called Operation Highland, linked to the China-nexus threat group Velvet Ant. The group backdoored Linux PAM (Pluggable Authentication Modules) and OpenSSH components to steal credentials and maintain persistent access on isolated networks, hiding inside trusted login infrastructure rather than deploying obvious malware. The operation has been active since at least 2016, demonstrating how sophisticated adversaries can evade detection by tampering with critical system files that defenders typically trust.

Source

bsky: China-Linked Velvet Ant Group Backdoored Linux Login Software for Nearly a Decade in Operation Highland (hendryadrian.com)

Key quotes

Sygnia says China-nexus group Velvet Ant spent nearly a decade hiding inside Linux login components, backdooring PAM and OpenSSH to steal credentials and maintain access on isolated networks.
The campaign, called Operation Highland, shows how tampering with trusted infrastructure can evade normal cleanup and why defenders must verify critical system files.
Velvet Ant hid inside Linux PAM and OpenSSH components instead of using obvious malware.
The group has been active since at least 2016 and targeted isolated networks.