Hackers exploit a blind spot by hiding malware inside DNS records
Hackers are using a new tactic to hide malware within DNS records, exploiting a blind spot in security defenses. By storing malicious scripts and early-stage malware in DNS records, they can evade detection by antivirus software that typically scans downloads and email attachments. This method allows them to fetch binary files without arousing suspicion, as DNS traffic is often overlooked by security tools compared to web and email traffic. Researchers have observed this technique being used to host the Joke Screenmate malware, which disrupts computer functions. The malware is encoded in hexadecimal format, making it harder to detect.
Ars Technica•