SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.bvp47 (Back to overview)

Bvp47

Actor(s): Equation Group

Pangu Lab discovered this backdoor during a forensic investigation in 2013. They refer to related incidents as "Operation Telescreen".

References
2022-05-11ExaTrackTristan Pourcelot
@techreport{pourcelot:20220511:tricephalic:d8d6265, author = {Tristan Pourcelot}, title = {{Tricephalic Hellkeeper: a tale of a passive backdoor}}, date = {2022-05-11}, institution = {ExaTrack}, url = {https://exatrack.com/public/Tricephalic_Hellkeeper.pdf}, language = {English}, urldate = {2022-05-25} } Tricephalic Hellkeeper: a tale of a passive backdoor
BPFDoor Bvp47 Uroburos
2022-04-11Pangu LabPangu Lab
@techreport{lab:20220411:bvp47:1265bad, author = {Pangu Lab}, title = {{Bvp47 Technical Details Report II}}, date = {2022-04-11}, institution = {Pangu Lab}, url = {https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group_ii.en.pdf}, language = {English}, urldate = {2022-09-19} } Bvp47 Technical Details Report II
Bvp47
2022-02-23The Hacker NewsRavie Lakshmanan
@online{lakshmanan:20220223:chinese:06abbe8, author = {Ravie Lakshmanan}, title = {{Chinese Experts Uncover Details of Equation Group's Bvp47 Covert Hacking Tool}}, date = {2022-02-23}, organization = {The Hacker News}, url = {https://thehackernews.com/2022/02/chinese-experts-uncover-details-of.html}, language = {English}, urldate = {2022-03-01} } Chinese Experts Uncover Details of Equation Group's Bvp47 Covert Hacking Tool
Bvp47
2022-02-23Bleeping ComputerIonut Ilascu
@online{ilascu:20220223:nsalinked:556c453, author = {Ionut Ilascu}, title = {{NSA-linked Bvp47 Linux backdoor widely undetected for 10 years}}, date = {2022-02-23}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/nsa-linked-bvp47-linux-backdoor-widely-undetected-for-10-years/}, language = {English}, urldate = {2022-03-01} } NSA-linked Bvp47 Linux backdoor widely undetected for 10 years
Bvp47
2022-02-23Pangu LabPangu Lab
@online{lab:20220223:bvp47:c8f2a2f, author = {Pangu Lab}, title = {{The Bvp47 - a Top-tier Backdoor of US NSA Equation Group}}, date = {2022-02-23}, organization = {Pangu Lab}, url = {https://www.pangulab.cn/en/post/the_bvp47_a_top-tier_backdoor_of_us_nsa_equation_group/}, language = {English}, urldate = {2022-03-01} } The Bvp47 - a Top-tier Backdoor of US NSA Equation Group
Bvp47
2022-02-22Pangu LabPangu Lab
@techreport{lab:20220222:bvp47:0b9392d, author = {Pangu Lab}, title = {{Bvp47 - Top-tier Backdoor of US NSA Equation Group}}, date = {2022-02-22}, institution = {Pangu Lab}, url = {https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf}, language = {English}, urldate = {2022-03-01} } Bvp47 - Top-tier Backdoor of US NSA Equation Group
Bvp47

There is no Yara-Signature yet.