AdaptixC2: A New Open-Source Framework Leveraged in Real-World Attacks

Description

AdaptixC2, an open-source post-exploitation and adversarial emulation framework, has been observed being used in real-world attacks. This versatile tool allows threat actors to execute commands, transfer files, and perform data exfiltration on compromised systems. Its open-source nature enables easy customization, making it highly flexible and dangerous. The framework supports sophisticated tunneling capabilities, modular design with extenders, and various beacon agent formats. Two infection scenarios were analyzed: one using social engineering via Microsoft Teams, and another likely involving AI-generated scripts. The increasing prevalence of AdaptixC2 in attacks, including its use alongside ransomware, highlights the growing trend of attackers leveraging customizable frameworks to evade detection.