The threat actor known as ChamelGang has been observed using a previously undocumented implant to backdoor Linux systems, marking a new expansion of the group's capabilities.
The malware, dubbed ChamelDoH by Stairwell, is a C++-based tool for communicating via DNS-over-HTTPS (DoH) tunneling.
ChamelGang was first outed by Russian cybersecurity firm Positive Technologies in September 2021,