New Custom Malware Drokbk Uses GitHub To Avoid Detection
Part of an Iranian state-sponsored hacking group has been linked to the new custom malware Drokbk. One of its main features is its use of GitHub as a dead drop resolver to exfiltrate data from an infected device. Because GitHub traffic is encrypted, it is difficult to know what data is being passed, which helps the malware avoid detection.