SecureList
APRIL 27, 2021
During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments. Although Lyceum still prefers taking advantage of DNS tunneling, it appears to have replaced the previously documented.NET payload with a new C++ backdoor and a PowerShell script that serve the same purpose.
Herjavec Group
AUGUST 26, 2021
2002 – Internet Attack — By targeting the thirteen Domain Name System (DNS) root servers, a DDoS attack assaults the entire Internet for an hour. 2008 — Heartland Payment Systems — 134 million credit cards are exposed through SQL injection to install spyware on Heartland’s data systems. billion dollars in damages.
SecureList
SEPTEMBER 26, 2022
NullMixer is a dropper that includes more than just specific malware families; it drops a wide variety of malicious binaries to infect the machine with, such as backdoors, bankers, downloaders, spyware and many others. Satacom sends a DNS TXT-query to ‘ reosio.com ‘ and receives a response with a base64 encoded string.
Expert insights. Personalized for you.
139 
Let's personalize your content