Hackers upgrade the Decoy Dog malware with new features

August 10, 2023

The Decoy Dog malware received new upgrades from its developers earlier this month. The remote access trojan (RAT) has become more sophisticated than its previous versions since it uses DNS to communicate with its command-and-control (C2) server. Some researchers also believe that threat actors are using the RAT in an ongoing nation-state cybercriminal attack.

Based on reports, the threat actors responded immediately after a researcher disclosed a thorough explanation of the toolkit. The attackers adapted quickly and maintained access to infected devices.

Decoy Dog malware is now a weapon of multiple threat groups.

Decoy Dog has expanded its reach after becoming a weapon for three threat actors. This newly discovered RAT is a malware strain with advanced capabilities that allow it to persist on infected devices.

Moreover, the malware can now move victims to different controllers while maintaining communications with compromised machines for an extended duration. Some victims have remained in contact with the RAT’s server for over a year.

Researchers reminded everyone that DNS should be every organisation’s first defence to detect and prevent threats like Decoy Dog. Therefore, threat analysts need to study the techniques of the RAT so they can develop countermeasures.

Meanwhile, the researchers who initially released the details of the previous version of Decoy Dog have published a new dataset that contains DNS traffic captured from their servers.

A separate researcher also said that the lack of knowledge about the Decoy Dog malware makes it a grave threat to numerous organisations. As of now, the best protection against the malware is DNS. However, malicious activity is rarely detected since many developers in the cybersecurity landscape still treat DNS as insignificant. Entities with a potent DNS strategy are the only ones who can negate the effects of the newly discovered RAT.

Furthermore, experts advise infected organisations to share threat intelligence and details of how the malware operators execute their attacks so other researchers can develop a plan to prevent similar actions. Decoy Dog is one of the most dangerous malware strains circulating in the cybercriminal landscape since it has advanced capabilities that do not exist in other threats.
