PurpleFox botnet variant uses WebSockets for more secure C2 communication
Security Affairs
OCTOBER 20, 2021
The payload fetched by the PowerShell targets 64-bit architecture systems. It is a long script consisting of three components: Tater (Hot Potato – privilege escalation), PowerSploit, and an embedded exploit bundle binary (privilege escalation). Most of the servers are located in China and belong to the infrastructure of the PurpleFox botnet.