New Quasar Linux Malware Targets Software Developers with Rootkit and Backdoor

A previously undocumented Linux implant named Quasar Linux (QLNX) is actively targeting software developers with a combined rootkit, backdoor, and credential-stealing payload. The malware is designed to be stealthy and persist on compromised developer machines. Targeting developers specifically elevates the supply chain risk significantly — a compromised developer system can lead to poisoned source code, malicious commits, or tainted build artifacts reaching downstream users. The distribution vector is not yet disclosed in available reporting. Developers working on open-source projects or within sensitive supply chains should audit their Linux systems for indicators of QLNX and review recent commit histories for unauthorized changes.