"Decoy Dog Malware Upgraded to Include New Features"

Security researchers at Infoblox have released crucial updates on the “Decoy Dog” remote access trojan (RAT) toolkit in a new threat report published today.   Decoy Dog was initially discovered and disclosed in April 2023.  Decoy Dog has proven to be more sophisticated than previously thought, using DNS for command-and-control (C2), and is suspected to be employed in ongoing nation-state cyberattacks.  The researchers noted that after the disclosure of the toolkit, threat actors responded swiftly, adapting their systems to maintain access to compromised devices.  The researchers stated that the malware has also expanded its reach, with at least three different actors now operating it.  Though based on the open-source RAT Pupy, Decoy Dog is a new and previously unknown malware with advanced capabilities to persist on compromised devices.   The researchers noted that the malware can now move victims to different controllers, maintaining communication with compromised machines for extended periods.  Some victims have remained in contact with a Decoy Dog server for over a year.

Infosecurity reports: "Decoy Dog Malware Upgraded to Include New Features"