A new backdoor malware called Mozart is using the DNS protocol to communicate with remote attackers to evade detection by security software and intrusion detection systems. The researchers have discovered that the malware uses DNS to receive instructions from attackers and to evade detection. Typically when a malware phones home to receive commands that should be executed, it will do so over the HTTP/S protocols for ease of use and communication but this can be detected by security software.
New Mozart Malware Gets Commands, Hides Traffic Using DNS – by @LawrenceAbramshttps://t.co/mJPukTckoD
— BleepingComputer (@BleepinComputer) February 24, 2020
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
