www.infosecurity-magazine.com
18.155.129.36
Public Scan
URL:
https://www.infosecurity-magazine.com/news/decoy-dog-malware-upgraded/
Submission: On August 14 via api from US — Scanned from DE
Form analysis
2 forms found in the DOM
GET https://www.infosecurity-magazine.com/search/
<form method="get" action="https://www.infosecurity-magazine.com/search/" role="search">
<input type="search" name="q" class="form-control" placeholder="Search site…" aria-label="Search keywords" required="required">
<button type="submit" class="form-button with-icon">
<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" role="img" aria-label="Search">
<path d="M15 15L21 21M10 17C6.13401 17 3 13.866 3 10C3 6.13401 6.13401 3 10 3C13.866 3 17 6.13401 17 10C17 13.866 13.866 17 10 17Z" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"></path>
</svg>
</button>
</form>
GET https://www.infosecurity-magazine.com/search/
<form method="get" action="https://www.infosecurity-magazine.com/search/" role="search">
<input type="search" name="q" class="form-control" placeholder="Search Infosecurity Magazine…" aria-label="Search keywords" required="required">
<input type="submit" value="Search" class="form-button">
</form>
Text Content
DECOY DOG MALWARE UPGRADED TO INCLUDE NEW FEATURES

Infosecurity Magazine | News | 25 Jul 2023
Written by Alessandro Mascellino, Freelance Journalist

Infoblox has unveiled crucial updates on the “Decoy Dog” remote access trojan (RAT) toolkit in a new threat report published today.

Initially discovered and disclosed in April 2023, Decoy Dog has proven to be more sophisticated than previously thought. It uses DNS for command-and-control (C2) and is suspected of being employed in ongoing nation-state cyber-attacks.

Following Infoblox’s disclosure of the toolkit, threat actors responded swiftly, adapting their systems to maintain access to compromised devices. The malware has also expanded its reach, with at least three different actors now operating it.

Though based on the open-source RAT Pupy, Decoy Dog is a new and previously unknown malware with advanced capabilities to persist on compromised devices. The malware can now move victims to different controllers, maintaining communication with compromised machines for extended periods. Some victims have remained in contact with a Decoy Dog server for over a year.

“It’s intuitive that DNS should be the first line of defense for organizations to detect and mitigate threats like Decoy Dog,” said Scott Harrell, Infoblox president and CEO. “As demonstrated with Decoy Dog, studying and deeply understanding the attacker’s tactics and techniques allows us to block threats before they are even known as malware.”

Read more on similar attacks: Roaming Mantis’ Hacking Campaign Adds DNS Changer to Mobile App

To support further investigation of the malware’s C2 systems, Infoblox has released a new dataset containing DNS traffic captured from their servers.

“The lack of insight into underlying victim systems and vulnerabilities being exploited makes Decoy Dog an ongoing and serious threat,” explained Dr. Renée Burton, head of threat intelligence at Infoblox.

“The best defense against this malware is DNS. Malicious activity often goes unnoticed because DNS is undervalued as a critical component in the security ecosystem. Only enterprises with a strong protective DNS strategy can protect themselves from these types of hidden threats,” Burton added.

The executive will present exclusive insights in a talk, “Decoy Dog is No Ordinary Pupy,” at the Black Hat cybersecurity conference in Las Vegas on August 9. Infoblox researchers will also provide hands-on challenges using a live Pupy controller at their booth, demonstrating how DNS traffic is exploited to relay communications between clients and servers.