The Latest in IT Security

Researchers Uncover New Drokbk Malware that Uses GitHub as a Dead Drop Resolver

09 Dec 2022

A subgroup of an Iranian nation-state group known as Nemesis Kitten has been identified as the actor behind a previously undocumented custom malware dubbed Drokbk, which uses GitHub as a dead drop resolver to exfiltrate data from an infected computer or to receive commands.

“The use of GitHub as a virtual dead drop helps the malware blend in,” Secureworks principal researcher Rafe Pilling said. “All the traffic to GitHub is encrypted, meaning defensive technologies can’t see what is being passed back and forth. And because GitHub is a legitimate service, it raises fewer questions.”
