Security Affairs

NOVEMBER 3, 2019

Of course, the concentration of the traffic through nodes controlled by Moscow and the deployment of technical hardware provided by the government could open the door to a massive surveillance. Currently, among the 12 organizations that oversee DNS base servers worldwide there isn’t an entity in Russia. Pierluigi Paganini.

Internet 72

Internet Internet DNS Government 72

Security Affairs

JULY 7, 2019

China installs a surveillance app on tourists phones while crossing in the Xinjiang. Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Scams 69

Scams Advertising Spyware DNS 69

Security Affairs

AUGUST 12, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. Security Affairs – Newsletter ).

Advertising 66

Advertising DNS Firmware Surveillance 66

Security Affairs

NOVEMBER 29, 2019

The past months have shown that the most dangerous hacks involved DNS hijacking, which helped attackers manipulate DNS records for MITM attacks. If they manage to compromise a telecommunications company, they can then also compromise its customers for surveillance or sabotage purposes. Pierluigi Paganini.

Banking 122

Banking Telecommunications Marketing Internet 122

Malwarebytes

MAY 9, 2023

It contained a Russian name (redacted for privacy) followed by the DNR letters (probably Donetskaya Narodnaya Respublika, referring to one of the cities declared independent in 2014, and a known target to the group). Attackers made a great and long surveillance of this victim, which extended until Jan 2023. лидерывозрождения[.]рф)

Surveillance 85

Surveillance Accountability DNS Encryption 85

SecureList

NOVEMBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware 133

Malware Banking Energy and Utilities Accountability 133

Security Affairs

SEPTEMBER 18, 2018

Pegasus is a surveillance malware developed by the Israeli surveillance NSO Group that could infect both iPhones and Android devices, it is sold exclusively to the governments and law enforcement agencies. Our technique identified a total of 45 countries where Pegasus operators may be conducting surveillance operations.

Spyware 108

Spyware Mobile Surveillance DNS 108

SecureList

OCTOBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware 145

Malware Government Surveillance Spyware 145

SecureList

APRIL 27, 2021

It was first publicly documented in 2014, in the aftermath of the Gamma Group hacking incident. Although Lyceum still prefers taking advantage of DNS tunneling, it appears to have replaced the previously documented.NET payload with a new C++ backdoor and a PowerShell script that serve the same purpose.

Malware 145

Malware Government Spyware Social Engineering 145

Security Affairs

JULY 19, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

DNS 119

DNS Advertising Surveillance Malware 119