# Fysbis > Tipo: **malware** · S0410 · [MITRE ATT&CK](https://attack.mitre.org/software/S0410) ## Descrição [[s0410-fysbis|Fysbis]] é um backdoor baseado em Linux utilizado pelo [[g0007-apt28|APT28]] que remonta a pelo menos 2014. **Plataformas:** Linux ## Técnicas Utilizadas - [[t1132-001-standard-encoding|T1132.001 - Standard Encoding]] - [[t1083-file-and-directory-discovery|T1083 - File and Directory Discovery]] - [[t1056-001-keylogging|T1056.001 - Keylogging]] - [[t1036-004-masquerade-task-or-service|T1036.004 - Masquerade Task or Service]] - [[t1057-process-discovery|T1057 - Process Discovery]] - [[t1027-013-encryptedencoded-file|T1027.013 - Encrypted/Encoded File]] - [[t1070-004-file-deletion|T1070.004 - File Deletion]] - [[t1082-system-information-discovery|T1082 - System Information Discovery]] - [[t1543-002-systemd-service|T1543.002 - Systemd Service]] - [[t1036-005-match-legitimate-resource-name-or-location|T1036.005 - Match Legitimaté Resource Name or Location]] - [[t1547-013-xdg-autostart-entries|T1547.013 - XDG Autostart Entries]] - [[t1059-004-unix-shell|T1059.004 - Unix Shell]] ## Grupos que Usam - [[g0007-apt28|APT28]] ## Referências - [MITRE ATT&CK - S0410](https://attack.mitre.org/software/S0410)