Following the news APT17 DeputyDog hackers are pushing Blackcoffee malware using TechNet, Tim Erlin, Director of Product Management at Tripwire, has commented:
“Using a legitimate website to distribute malicious data is nothing new, but the addition of obfuscation here is a twist that makes detection just that much harder. Any website that allows for public comments to be submitted is already monitoring for abuse, but they can only detect what they’re actually looking for. Now that this technique has been surfaced, website administrators will adapt to identify it, and the criminals will have to shift again to avoid detection.”
(332)
