New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials

May 08, 2026

Cybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that's being advertised on the Rehub Russian cybercrime forum for $1,600 by a threat actor called "darkworm." The backdoor is designed as a Pluggable Authentication Module (PAM)-based post-exploitation toolkit that enables persistent SSH access by means of a magic password and specific TCP port combination.

Advertisement

New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials

Posted by SHOWN

Post a Comment

0 Comments

Categories

Featured Post

TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms

Most Popular

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

10 Free Tools to Get 10,000 Website Visitors Fast

Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M

Menu Footer Widget

Contact form

Advertisement

New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials

Posted by SHOWN

You may like these posts

Post a Comment

0 Comments

Categories

Featured Post

TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms

Social Plugin

Most Popular

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

10 Free Tools to Get 10,000 Website Visitors Fast

Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M

Menu Footer Widget

Contact form