Global News

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

October 16, 2025

Written by:

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro, according to findings from Synacktiv.
“This backdoor features functionalities relying on the installation of two eBPF [extended Berkeley Packet Filter] modules, on the one hand to conceal itself, and on the other hand to be remotely

Source: https://thehackernews.com/2025/10/linkpro-linux-rootkit-uses-ebpf-to-hide.html

#rootkituses #linuxrootkit #rootkit #usesebpf #linkprolinux

Global News

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

Leave a comment Cancel reply

Yekaterinburg Court Jails 5 Leftist Activists Over Alleged Coup Attempt

Central Bank of Ireland publishes roadmap to deliver a more effective and efficient regulatory framework

Rhasidat Adeleke renews Allianz sponsorship as calls grow for GAA to scrap deal

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

Share this:

Leave a comment Cancel reply

Yekaterinburg Court Jails 5 Leftist Activists Over Alleged Coup Attempt

Central Bank of Ireland publishes roadmap to deliver a more effective and efficient regulatory framework

Rhasidat Adeleke renews Allianz sponsorship as calls grow for GAA to scrap deal