New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Traffic

A

Admin User

Administrator of InfoSecCenter. Passionate about cybersecurity, information security, and technology.

New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Traffic
Save

A sophisticated remote access trojan has emerged from the China-linked cybercrime group Silver Fox, demonstrating how threat actors continue to evolve their techniques to evade detection. Dubbed MODBEACON, this Rust-based malware represents a concerning advancement in command-and-control (C2) communications by leveraging gRPC streaming technology to encrypt its traffic, making it significantly more challenging for traditional security solutions to identify and block.

According to researchers at QiAnXin, Silver Fox has developed MODBEACON as part of their operational arsenal. While the threat cluster may initially appear to be a low-sophistication operation with high activity levels, this perception masks the more sophisticated elements of their campaigns. The group primarily distributes their malware through counterfeit installers, employing search engine optimization (SEO) poisoning techniques to lure victims into downloading malicious software

Share

Shares: 0
LinkedIn WhatsApp Pinterest Print

You might also like

Comments (0)

Leave a Comment

No comments yet. Be the first to comment!