Researchers have tracked new malware named Decoy Dog that helps hackers avoid detection.
Decoy Dog's DNS fingerprint is extremely rare and unique among the 370 million active domains on the internet.
- Decoy Dog helps threat actors evade standard detection methods, aiming to penetrate networks before switching to deploying malicious activity.
- Most communications from its C2 communication servers were tracked back to Russia.
- Researchers have concluded that the malware has similarities with Pupy RAT.
- Pupy RAT is an open-source toolkit used by several nation-state threat actors. The group can breach Windows, macOS, Linux, and Android systems.