Security News

Cybersecurity news aggregator

⚔️
MEDIUM Attacks Help Net Security

GopherWhisper APT group hides command and control traffic in Slack and Discord

aptcommand-and-controlcyber-espionagemitre-ta0001mitre-ta0011
  • What: APT group uses Slack and Discord to hide C2 traffic
  • Impact: Enterprises using these platforms may be at risk of covert cyber espionage
Read Full Article →

Attackers continue to lean on everyday collaboration platforms to hide command and control traffic inside normal enterprise noise. A newly identified China-aligned APT group pushes that trend further, running its operations through Slack workspaces, Discord servers, Outlook drafts, and the file.io sharing service. GopherWhisper toolset overview ESET researchers have named the group GopherWhisper and tied it to an intrusion at a Mongolian governmental entity. The name draws on two elements: most of the group’s tooling … More → The post GopherWhisper APT group hides command and control traffic in Slack and Discord appeared first on Help Net Security .

Related Articles

MEDIUM AI in the Middle: Turning Web-Based AI Services into C2 Proxies & The Future Of AI Driven Attacks Check Point Research MEDIUM Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies The Hacker News HIGH Silver Dragon Targets Organizations in Southeast Asia and Europe Check Point Research HIGH VoidLink: A Cloud-Native Linux Framework Built for Stealth and Scale | Hive Pro Web Discovery
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn