T4K3.news

Hackers exploit DNS records to deliver malware

New technique reveals how hackers hide malware in DNS, evading traditional security measures.

July 16, 2025 at 11:15 AM
Hackers exploit a blind spot by hiding malware inside DNS records

A novel technique transforms DNS into a tool for malicious use.

Hackers hide malware in DNS records to evade security measures

Hackers are now using DNS records to conceal malware, taking advantage of gaps in DNS monitoring. This method lets them deliver malicious scripts without relying on risky downloads or attachments, which antivirus tools often block. DomainTools researchers recently described how they found a modified binary for Joke Screenmate hidden in several TXT DNS records under the domain whitetreecollective.com. The approach lets attackers retrieve malware through DNS lookups that receive less inspection, making detection much harder.
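A defender-side check for the pattern described above, as an added example that is not from the article or from DomainTools: it scans logged TXT answers for long encoded blobs spread across names under one domain and for decoded values that begin with an executable file signature. The hex/base64 encoding, the thresholds, the function names and the `.test`/`.org` sample records are assumptions made for illustration.

```python
import base64, binascii, re
from collections import defaultdict

HEX_RE = re.compile(r"^[0-9a-fA-F]+$")
B64_RE = re.compile(r"^[A-Za-z0-9+/]+={0,2}$")
# File signatures worth flagging if a decoded TXT value starts with them.
MAGIC = {b"MZ": "PE executable", b"\x7fELF": "ELF executable", b"PK\x03\x04": "ZIP archive"}
MIN_LEN = 64  # assumed cut-off: shorter values are not treated as payload chunks

def decode_blob(txt):
    """Return decoded bytes if txt is one unbroken hex or base64 run, else None."""
    if len(txt) < MIN_LEN:
        return None
    if HEX_RE.match(txt) and len(txt) % 2 == 0:
        return bytes.fromhex(txt)
    if B64_RE.match(txt) and len(txt) % 4 == 0:
        try:
            return base64.b64decode(txt, validate=True)
        except binascii.Error:
            return None
    return None

def parent_domain(qname):
    # Simplification: last two labels; production code should use the Public Suffix List.
    return ".".join(qname.rstrip(".").lower().split(".")[-2:])

def scan(records, min_chunks=3):
    """records: iterable of (qname, txt_value) from resolver logs or passive DNS."""
    blobs = defaultdict(list)
    for qname, txt in records:
        data = decode_blob(txt)
        if data is not None:
            blobs[parent_domain(qname)].append(data)
    findings = {}
    for domain, chunks in blobs.items():
        magic = [label for d in chunks for sig, label in MAGIC.items() if d.startswith(sig)]
        # Flag a domain serving many encoded chunks, or any chunk that decodes to a binary header.
        if len(chunks) >= min_chunks or magic:
            findings[domain] = {"chunks": len(chunks), "magic": magic}
    return findings

SAMPLE = [  # constructed records for illustration, not real observations
    ("0.files.example.test", "4d5a" + "90" * 40),
    ("1.files.example.test", "00" * 40),
    ("2.files.example.test", "ab" * 40),
    ("example.org", "v=spf1 include:_spf.example.org ~all"),
    ("sel._domainkey.example.org", "v=DKIM1; k=rsa; p=" + "A" * 200),
]

if __name__ == "__main__":
    print(scan(SAMPLE))
```

The check depends on seeing DNS answers: clients that resolve over DoH or DoT to an external resolver bypass the logs it reads.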

Key Takeaways

✔️ Hackers exploit DNS for stealthy malware delivery
✔️ Malware is stored in TXT records of DNS
✔️ Encrypted DNS makes detection increasingly difficult
✔️ Traditional defenses must adapt to new techniques

"Hackers have found an unexpected home for malware within DNS records."

This highlights how DNS has become a new target for cybercriminals.

"The evolution of malware delivery is astonishing and alarming."

This statement emphasizes the ongoing threat posed by innovative attack methods.

This discovery highlights a serious risk in cybersecurity. As hackers innovate, traditional defenses may fall short. The growing use of encrypted DNS formats adds to the challenge, making it crucial for security professionals to adapt their strategies. Solutions must evolve to strike a balance between usability and enhanced monitoring of DNS traffic. As malware becomes more sophisticated, the consequences of inaction could be severe.

Highlights

  • Hackers have found an unexpected home for malware within DNS records.
  • DNS is now a playground for malware hiding in plain sight.
  • The evolution of malware delivery is astonishing and alarming.
  • Monitoring DNS traffic has never been more critical.

Malware delivery via DNS poses significant security risks

The use of DNS records for hiding malware signifies a dangerous shift in cyber threats. As encrypted DNS protocols like DNS over HTTPS (DoH) and DNS over TLS (DoT) gain popularity, monitoring efforts may weaken further, exposing networks to greater risk of attack.

As cyber threats evolve, continuous vigilance and innovative solutions are essential for user safety.
