Analysts found a new backdoor, written in .NET and implanted during the intrusion, that is probably highly associated with PurpleFox. The backdoor, called FoxSocket, uses WebSockets to communicate with its command-and-control (C&C) servers, which gives it a more robust and secure means of communication than regular HTTP traffic.