Back

Leveraging DNS Tunneling for Tracking and Scanning

May 13, 2024, 7:28 p.m.

Tags

exploit
cobalt strike
dns query
trojan
2024-05-08
oilrig
dns tunneling
dns traffic
trkcdn campaign
alliance
attack
2024-05-09
2024-05-10
2024-05-13

External References

https://unit42.paloaltonetworks.com/

https://otx.alienvault.com/

Description

This article presents a case study on new applications of domain name system (DNS) tunneling PaloAlto Unit42 have found in the wild. These techniques expand beyond DNS tunneling only for command and control (C2) and virtual private network (VPN) purposes.

Date

Published Created Modified
May 13, 2024, 7:12 p.m. May 13, 2024, 7:12 p.m. May 13, 2024, 7:28 p.m.

Attack Patterns

Cobalt Strike

TA0011

T1572

T1071.001

T1132