Linfo

MITRE

Malware Type:
Other

First seen:
Unknown

Last seen:
Unknown

Details:

[Linfo](https://attack.mitre.org/software/S0211) is a rootkit trojan used by [Elderwood](https://attack.mitre.org/groups/G0066) to open a backdoor on compromised hosts. (Citation: Symantec Elderwood Sept 2012) (Citation: Symantec Linfo May 2012)

Associated Techniques (9)

ID	ATT&CK	Tactics
T1005	Data from Local System	-
T1008	Fallback Channels	-
T1029	Scheduled Transfer	-
T1057	Process Discovery	-
T1059.003	Windows Command Shell	-
T1070.004	File Deletion	-
T1082	System Information Discovery	-
T1083	File and Directory Discovery	-
T1105	Ingress Tool Transfer	-

Used by Actors (1)

Elderwood
Unknown

Metadata

ID:	641
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00