Terminology nitpick: This isn't a backdoor. This is an APT. (Otherwise, we need a new term for "code with an intentional security hole", which isn't what's happening here).
The press release: <a href="https://www.pangulab.cn/en/post/the_bvp47_a_top-tier_backdoor_of_us_nsa_equation_group/" rel="nofollow">https://www.pangulab.cn/en/post/the_bvp47_a_top-tier_backdoo...</a>
The report: <a href="https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf" rel="nofollow">https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_...</a><p>This is an analysis of a file they obtained in 2013, which has elements that were revealed in the Shadow Brokers files. The list of victims is from those files, too, from 2017.
There's almost never an indication of how the backdoor is installed. Is there an internet-exploitable vulnerability in the TCP/IP stack?<p>Most home routers these days have firewalls enabled and no amount of NSA technical wizardry is going to get past those.
The title is ambiguous: "Bvp47 Linux backdoor" means "a virus called Bvp47 is a Linux backdoor", not "Linux has a backdoor which is named Bvp47".<p>The "backdoor" is referred from the pangulab report[1] but I think it actually means "virus" in the common sense. (Maybe security people speak different technical jargon than Linux users?)<p>[1] <a href="https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf" rel="nofollow">https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_...</a>
>> In the case of the Bvp47 Linux backdoor, Pangu Lab researchers say that it was used on targets in the telecom, military, higher-education, economic, and science sectors<p>So basically the NSA also spies on scientists and their research.