www.infosecurity-magazine.com
18.155.129.36  Public Scan

URL: https://www.infosecurity-magazine.com/news/decoy-dog-malware-upgraded/
Submission: On August 14 via api from US — Scanned from DE

Form analysis 2 forms found in the DOM

GET https://www.infosecurity-magazine.com/search/

<form method="get" action="https://www.infosecurity-magazine.com/search/" role="search">
  <input type="search" name="q" class="form-control" placeholder="Search site…" aria-label="Search keywords" required="required">
  <button type="submit" class="form-button with-icon">
    <svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" role="img" aria-label="Search">
      <path d="M15 15L21 21M10 17C6.13401 17 3 13.866 3 10C3 6.13401 6.13401 3 10 3C13.866 3 17 6.13401 17 10C17 13.866 13.866 17 10 17Z" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"></path>
    </svg>
  </button>
</form>

GET https://www.infosecurity-magazine.com/search/

<form method="get" action="https://www.infosecurity-magazine.com/search/" role="search">
  <input type="search" name="q" class="form-control" placeholder="Search Infosecurity Magazine…" aria-label="Search keywords" required="required">
  <input type="submit" value="Search" class="form-button">
</form>

Text Content



DECOY DOG MALWARE UPGRADED TO INCLUDE NEW FEATURES

News 25 Jul 2023


WRITTEN BY


ALESSANDRO MASCELLINO

Freelance Journalist


Infoblox has unveiled crucial updates on the “Decoy Dog” remote access trojan
(RAT) toolkit in a new threat report published today. 

Initially discovered and disclosed in April 2023, Decoy Dog has proven to be
more sophisticated than previously thought. It uses DNS for command-and-control
(C2) and is suspected of being employed in ongoing nation-state cyber-attacks.

Following Infoblox’s disclosure of the toolkit, threat actors responded swiftly,
adapting their systems to maintain access to compromised devices.

The malware has also expanded its reach, with at least three different actors
now operating it. Though based on the open-source RAT Pupy, Decoy Dog is a new
and previously unknown malware with advanced capabilities to persist on
compromised devices. 

The malware can now move victims to different controllers, maintaining
communication with compromised machines for extended periods. Some victims have
remained in contact with a Decoy Dog server for over a year.

“It’s intuitive that DNS should be the first line of defense for organizations
to detect and mitigate threats like Decoy Dog,” said Scott Harrell, Infoblox
president and CEO.

“As demonstrated with Decoy Dog, studying and deeply understanding the
attacker’s tactics and techniques allows us to block threats before they are
even known as malware.”

To support further investigation of the malware’s C2 systems, Infoblox has
released a new dataset containing DNS traffic captured from their servers.

“The lack of insight into underlying victim systems and vulnerabilities being
exploited makes Decoy Dog an ongoing and serious threat,” explained Dr. Renée
Burton, head of threat intelligence at Infoblox. 

“The best defense against this malware is DNS. Malicious activity often goes
unnoticed because DNS is undervalued as a critical component in the security
ecosystem. Only enterprises with a strong protective DNS strategy can protect
themselves from these types of hidden threats,” Burton added.

The executive will present exclusive insights in a talk, “Decoy Dog is No
Ordinary Pupy,” at the Black Hat cybersecurity conference in Las Vegas on August
9. 

Infoblox researchers will also provide hands-on challenges using a live Pupy
controller at their booth, demonstrating how DNS traffic is exploited to relay
communications between clients and servers.
