ChamelGang Expands Capabilities with New Linux Malware – ChamelDoH: A DNS-over-HTTPS Backdoor


Overview

The notorious threat actor ChamelGang has been discovered using new malware to backdoor Linux systems. Cybersecurity researchers from Stairwell observed this expansion of the group’s capabilities.

ChamelDoH

The newly discovered malware is called ChamelDoH and is a C++-based tool for communicating via DNS-over-HTTPS (DoH) tunneling. This method of communication makes it harder to detect and block the malware’s traffic.

ChamelGang

ChamelGang was first identified by Positive Technologies, a Russian cybersecurity firm, in September of 2021. Since then, they have been linked to various cyber attacks, including supply chain attacks and crypto mining campaigns. The discovery of ChamelDoH marks a new expansion of the group’s capabilities.

Summary

The discovery of ChamelGang’s new malware, ChamelDoH, highlights the group’s expanded capability to backdoor Linux systems. Because the malware communicates via DNS-over-HTTPS, its traffic is harder to detect and block. ChamelGang has been linked to various cyber attacks, including supply chain attacks and crypto mining campaigns, and continues to be a threat to cybersecurity.

Original Article: https://thehackernews.com/2023/06/chameldoh-new-linux-backdoor-utilizing.html

