Advertisement
Top
image credit: Pixabay

ChamelDoH: New Linux Backdoor Utilizing DNS-over-HTTPS Tunneling for Covert CnC

June 16, 2023

Via: The Hacker News
Category:

The threat actor known as ChamelGang has been observed using a previously undocumented implant to backdoor Linux systems, marking a new expansion of the threat actor’s capabilities.

The malware, dubbed ChamelDoH by Stairwell, is a C++-based tool for communicating via DNS-over-HTTPS (DoH) tunneling.

ChamelGang was first outed by Russian cybersecurity firm Positive Technologies in September 2021, detailing its attacks on fuel, energy, and aviation production industries in Russia, the U.S., India, Nepal, Taiwan, and Japan.

Read More on The Hacker News

RELATED PUBLICATIONS

The importance of the Vulnerability Operations Centre for cybersecurity
Are passwordless systems the future of authentication?
New Linux variant of BIFROSE RAT uses deceptive domain strategies

Latest Publications

US water facility OT infrastructure is under attack again
Network specialist debuts free tool that promises to solve VPN and ZTNA connectivity issues for good
Notorious Finnish Hacker sentenced to more than six years in prison
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!