Threat actors have begun to use the Tox peer-to-peer instant messaging service as a command-and-control method, marking a shift from its earlier role as a contact method for ransomware negotiations.
The findings from Uptycs, which analyzed an Executable and Linkable Format (ELF) artifact (“72client”) that functions as a bot and can run scripts on the compromised host using the Tox protocol.
Tox
This article has been indexed from The Hacker News
Read the original article: