TechRepublic reports that the Infoblox Threat Intelligence Group has discovered a new malware toolkit, Decoy Dog, which uses the Pupy remote access trojan and has been controlling a data exfiltration command-and-control server undetected since last April.
Fewer than 3% of all networks were found to have the Decoy Dog toolkit with Pupy, and only 18 domains have been associated with the toolkit, while most of the toolkit's C2 has been hosted in Russia, said the Infoblox report.
"One of the main dangers is nobody knows what it is. That means something is compromised and someone controls it, and nobody knows what that is. That's very unusual. We know what the signature is, but we do not know what it is controlling and nobody here does," said Infoblox Senior Director of Threat Intelligence Renee Burton, who also emphasized the association of the complex Pupy trojan with nation-state threat operations.
Threat actors launched 50% more distributed denial-of-service attacks during the first quarter of 2024 than in the same period last year, with thwarted DDoS attacks increasing by 93% year-over-year, SiliconAngle reports.
Security Affairs reports that attacks with an updated iteration of the LightSpy iOS spyware using the "F_Warehouse" framework have been deployed against Southern Asian targets as part of a new cyberespionage campaign.
Operations of Russia's industrial sensor and monitoring infrastructure were claimed to have been disrupted by Ukrainian hacking operation Blackjack following a Fuxnet malware attack against Moscow-based underground infrastructure firm Moscollector, reports SecurityWeek.