Terrifying new Plague backdoor quietly infects Linux systems with undetectable stealth.
There’s a sneaky new threat targeting Linux systems and it’s called Plague. It’s not just another piece of malware. This thing is designed to live inside your authentication system and give hackers the keys to your server, all while staying hidden from antivirus tools.
Plague operates as a malicious PAM module. If you don’t already know, PAM is what Linux uses to handle authentication. By tapping directly into that layer, Plague can let attackers log in via SSH without ever entering a valid password. It’s silent. It’s persistent. And it’s extremely hard to detect.
The scariest part? Security researchers say not a single antivirus flagged it. Dozens of samples have been uploaded to VirusTotal over the past year, and none of them triggered a warning. That’s not just rare. That’s almost unheard of.
To stay under the radar, Plague wipes environment variables like SSH_CONNECTION and disables shell history logging. It literally scrubs any evidence of the attacker’s activity. Your logs will look clean even when your system is compromised.
It doesn’t stop there.
