Slack, GitHub Abused by New SLUB Backdoor in Targeted Attacks

March 8, 2019

Researchers from Trend Micro have come across a new piece of malware that abuses GitHub and Slack for command and control (C&C) communications.

The malware is a backdoor that the security firm tracks as SLUB (Backdoor.Win32.SLUB.A). The company’s researchers believe a “capable” threat group is behind SLUB, which appears to have been used only in targeted attacks.

Trend Micro warned back in 2017 that Slack and other popular chat platforms can serve as C&C servers, but the company says SLUB is the first piece of malware to actually leverage Slack for communications.
