{"version":"1.0","provider_name":"Xiarch Solutions Private Limited","provider_url":"https:\/\/xiarch.com\/blog","author_name":"Xiarch Security","author_url":"https:\/\/xiarch.com\/blog\/author\/vector\/","title":"Investigators Address of FaceFish Backdoor Expanding Linux Rootkits - Xiarch Solutions Private Limited","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"5xQK45FFkJ\"><a href=\"https:\/\/xiarch.com\/blog\/investigators-address-of-facefish-backdoor-expanding-linux-rootkits\/\">Investigators Address of FaceFish Backdoor Expanding Linux Rootkits<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/xiarch.com\/blog\/investigators-address-of-facefish-backdoor-expanding-linux-rootkits\/embed\/#?secret=5xQK45FFkJ\" width=\"600\" height=\"338\" title=\"&#8220;Investigators Address of FaceFish Backdoor Expanding Linux Rootkits&#8221; &#8212; Xiarch Solutions Private Limited\" data-secret=\"5xQK45FFkJ\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script>\n\/*! This file is auto-generated *\/\n!function(c,d){\"use strict\";var e=!1,o=!1;if(d.querySelector)if(c.addEventListener)e=!0;if(c.wp=c.wp||{},c.wp.receiveEmbedMessage);else if(c.wp.receiveEmbedMessage=function(e){var t=e.data;if(!t);else if(!(t.secret||t.message||t.value));else if(\/[^a-zA-Z0-9]\/.test(t.secret));else{for(var r,s,a,i=d.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),n=d.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),o=new RegExp(\"^https?:$\",\"i\"),l=0;l<n.length;l++)n[l].style.display=\"none\";for(l=0;l<i.length;l++)if(r=i[l],e.source!==r.contentWindow);else{if(r.removeAttribute(\"style\"),\"height\"===t.message){if(1e3<(s=parseInt(t.value,10)))s=1e3;else if(~~s<200)s=200;r.height=s}if(\"link\"===t.message)if(s=d.createElement(\"a\"),a=d.createElement(\"a\"),s.href=r.getAttribute(\"src\"),a.href=t.value,!o.test(a.protocol));else if(a.host===s.host)if(d.activeElement===r)c.top.location.href=t.value}}},e)c.addEventListener(\"message\",c.wp.receiveEmbedMessage,!1),d.addEventListener(\"DOMContentLoaded\",t,!1),c.addEventListener(\"load\",t,!1);function t(){if(o);else{o=!0;for(var e,t,r,s=-1!==navigator.appVersion.indexOf(\"MSIE 10\"),a=!!navigator.userAgent.match(\/Trident.*rv:11\\.\/),i=d.querySelectorAll(\"iframe.wp-embedded-content\"),n=0;n<i.length;n++){if(!(r=(t=i[n]).getAttribute(\"data-secret\")))r=Math.random().toString(36).substr(2,10),t.src+=\"#?secret=\"+r,t.setAttribute(\"data-secret\",r);if(s||a)(e=t.cloneNode(!0)).removeAttribute(\"security\"),t.parentNode.replaceChild(e,t);t.contentWindow.postMessage({message:\"ready\",secret:r},\"*\")}}}}(window,document);\n<\/script>\n","thumbnail_url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/reseachers-warn-facefish-attack-featured-image.jpg","thumbnail_width":1000,"thumbnail_height":524,"description":"Cybersecurity investigators have discovered a new backdoor operation efficient of stealing user login information, device information and running arbitrary commands on Linux systems. The trojan dropper has been transformed \u201cFacefish\u201d by the Qihoo 360 Security team having its effectiveness to deliver various rootkits at different times and the use of Blowfish cipher to encode transmissions [&hellip;]"}