BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Quasar Linux RAT Targets Developers’ Credentials

Stealthy Linux RAT targets developers to hijack software supply chains via credential theft

  • A new Linux malware, Quasar Linux RAT (QLNX), is stealthily targeting developers to steal credentials for software supply chains.
  • The malware can hide itself, harvest credentials from files like .kube/config and .npmrc, and has over 58 commands for complete host control.
  • Trend Micro researchers warn its combination of stealth, persistence, and credential theft creates a coherent and dangerous attack workflow.

Security researchers have uncovered a previously undocumented and highly stealthy Linux implant targeting developers, which poses a severe risk to software supply chain security according to a technical analysis by Trend Micro. The malware, codenamed Quasar Linux RAT (QLNX), aims to establish a silent foothold on systems to harvest critical credentials.

- Advertisement -

Consequently, it extracts secrets from high-value developer files like .npmrc, .pypirc, and .aws/credentials. This compromise could allow attackers to push malicious packages or access cloud infrastructure directly.

QLNX executes filelessly from memory and expertly hides by masquerading as a kernel thread. It also employs a two-tiered rootkit, using both a userland component and a kernel-level eBPF module to conceal its activity.

The implant is built for long-term stealth and supports 58 distinct commands for complete control. These commands enable shell execution, file management, keylogging, and even the establishment of network tunnels.

Furthermore, its PAM inline-hook backdoor intercepts plaintext credentials during logins. “The QLNX implant was built for long-term stealth and credential theft,” Trend Micro stated, highlighting its coherent and dangerous attack chain.

- Advertisement -

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

GoPro founder loans $20M to save sinking company

GoPro founder and CEO Nicholas Woodman is extending $20 million in financing to the...

Sony Bank gains US approval to launch dollar stablecoins

Sony Bank received preliminary approval from the OCC to establish a US trust bank...

RoguePlanet Microsoft Defender Flaw Patched After Month Delay

Microsoft patched a Defender privilege escalation flaw called RoguePlanet, tracked as CVE-2026-50656, nearly a...

AVAX Surges 5.6% After Grayscale Shoutout, Outperforms BTC

Avalanche (AVAX) surged 5.6% in the daily charts and 2.7% over 14 days, outperforming...

Thai police arrest two in $122M crypto romance scam laundering

Thai police arrested two suspects for laundering romance-scam proceeds through crypto, using cross-chain swaps...

Must Read

Ethereum Hosting: TOP 10 Companies to Buy Hosting With Ethereum

If you are looking for Ethereum Hosting, you've hit the jackpot. In this article, we will present the 10 Best companies to buy hosting...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading