216.73.216.133

Leveraging DNS Tunneling for Tracking and Scanning

· Published 13/05/2024 19:12 · Modified 13/05/2024 19:28

Export JSON

Essential information

Published
13/05/2024 19:12
Modified
13/05/2024 19:28
Tags
2024-05-08 2024-05-09 2024-05-10 2024-05-13 alliance attack cobalt strike dns query dns traffic dns tunneling exploit oilrig trkcdn campaign trojan
Related entities
63 observables, 4 techniques (mitre), 1 malware

Description

This article presents a case study on new applications of domain name system (DNS) tunneling PaloAlto Unit42 have found in the wild. These techniques expand beyond only for command and control (C2) and virtual private network (VPN) purposes.

External references