The Latest in IT Security

TrickBot Malware Gang Upgrades its AnchorDNS Backdoor to AnchorMail

01 Mar 2022

Even as the TrickBot infrastructure closed shop, the operators of the malware are continuing to refine and retool their arsenal to carry out attacks that culminated in the deployment of Conti ransomware.

IBM Security X-Force, which discovered the revamped version of the criminal gang’s AnchorDNS backdoor, dubbed the new, upgraded variant AnchorMail.

AnchorMail “uses an email-based [command-and-control] server which it communicates with using SMTP and IMAP protocols over TLS,” IBM’s malware reverse engineer, Charlotte Hammond, said. “With the exception of the overhauled C2 communication mechanism, AnchorMail’s behavior aligns very closely to that of its AnchorDNS predecessor.”
