New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
PC World

Fileless Powershell malware uses DNS as covert communication channel

Targeted attacks are moving away from traditional malware to stealthier techniques that involve abusing standard system tools and protocols, some of which are not always monitored. The latest example ...
CSOonline

Fileless Powershell malware uses DNS as covert communication channel

Targeted attacks are moving away from traditional malware to stealthier techniques that involve abusing standard system tools and protocols, some of which are not always monitored. The latest example ...
Bleeping Computer

Malware Retrieves PowerShell Scripts from DNS Records

Malware researchers have come across a new Remote Access Trojan (RAT) that uses a novel technique to evade detection on corporate networks by fetching malicious PowerShell commands stored inside a ...
Computerworld

Fileless PowerShell malware uses DNS as covert channel

Targeted attacks are moving away from traditional malware to stealthier techniques that involve abusing standard system tools and protocols, some of which are not always monitored. The latest example ...
Threat Post

New Fileless Attack Using DNS Queries to Carry Out PowerShell Commands

A unique attack called DNSMessenger uses DNS queries to carry out malicious PowerShell commands on compromised computers. A unique attack called DNSMessenger uses DNS queries to carry out malicious ...