Plague (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

elf.plague (Back to overview)

Plague

According to Nexttron Systems, this is an implant built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system authentication and gain persistent SSH access.

References

2025-08-01 ⋅ Nextron Systems ⋅ Pezier Pierre-Henri
Plague: A Newly Discovered PAM-Based Backdoor for Linux
Plague

There is no Yara-Signature yet.

Plague Propose Change

References

Plague