Decoy Dog is a sophisticated malware toolkit that was discovered in early April 2023.
It uses evasive techniques such as strategic domain aging and DNS query dribbling, and it is rare: only 0.0000027% of the 370 million active domains on the internet match its DNS signature.
It is delivered by DNS tunneling and is associated with nation-state actors from China.
It has three distinct infrastructure configurations and shows unusual DNS beaconing behavior: periodic, but infrequent, DNS requests.
It is possible the same toolkit is being used by multiple threat actors.
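
The "periodic, but infrequent" beaconing described above is something a defender can look for in resolver logs. The following is an added example, not code from the original post or from the researchers who reported Decoy Dog, and it is not the toolkit's actual DNS signature: it flags client/domain pairs whose queries are widely spaced yet evenly timed. The thresholds, the two-label `base_domain` shortcut and the sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

def base_domain(qname):
    # Assumption: the last two labels approximate the registered domain.
    # Production code should consult the Public Suffix List instead.
    return ".".join(qname.rstrip(".").lower().split(".")[-2:])

def find_low_rate_beacons(records, min_events=5, min_mean_gap=600.0, max_cv=0.10):
    """records: iterable of (epoch_seconds, client_ip, qname) from DNS logs.

    Flags pairs with at least min_events queries whose mean spacing is at
    least min_mean_gap seconds (infrequent) and whose spacing varies by no
    more than max_cv, the coefficient of variation (periodic).
    All three thresholds are illustrative and need tuning per network.
    """
    times = defaultdict(list)
    for ts, client, qname in records:
        times[(client, base_domain(qname))].append(ts)
    hits = []
    for (client, domain), ts_list in times.items():
        if len(ts_list) < min_events:
            continue
        ts_list.sort()
        gaps = [b - a for a, b in zip(ts_list, ts_list[1:])]
        avg = mean(gaps)
        if avg < min_mean_gap:      # chatty traffic is not a slow beacon
            continue
        cv = pstdev(gaps) / avg     # low value means evenly spaced queries
        if cv <= max_cv:
            hits.append({"client": client, "domain": domain,
                         "queries": len(ts_list),
                         "mean_gap_s": round(avg), "cv": round(cv, 3)})
    return sorted(hits, key=lambda h: (h["client"], h["domain"]))

# Constructed sample: one hourly beacon with jitter and changing subdomains,
# one irregular browsing pattern, one fast polling client.
SAMPLE = (
    [(t, "10.0.0.5", f"a{i}.beacon.example")
     for i, t in enumerate([0, 3600, 7215, 10790, 14400, 18010])]
    + [(t, "10.0.0.7", "www.example.org") for t in [50, 900, 5000, 5100, 16000, 16020]]
    + [(t, "10.0.0.9", "cdn.example.net") for t in range(0, 60, 5)]
)

if __name__ == "__main__":
    for hit in find_low_rate_beacons(SAMPLE):
        print(hit)
```

Because such beacons are infrequent, the log window has to span many intervals, which in practice means days rather than hours.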