EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates

The Hacker News
Actively Exploited

Summary

The threat actor PlushDaemon has deployed a new Go-based network backdoor called EdgeStepper, which enables adversary-in-the-middle attacks by hijacking DNS queries. Redirecting those queries can compromise legitimate software updates, posing a significant risk to affected systems.

Impact

Not specified

In the Wild

Yes

Timeline

Newly disclosed

Remediation

Implement DNS security measures, monitor network traffic for anomalies, and ensure software updates are obtained from verified sources.