all InfoSec news
Cybercriminals Exploit Google Ads to Spread IP Scanner with Concealed Backdoor
April 23, 2024, 8 a.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
A new malicious advertising campaign on Google Ads is exploiting a group of up to 45 domains that impersonate an IP scanner to distribute a new backdoor called MadMxShell.
What is MadMxXhell?
MadMxShell is a sophisticated Windows backdoor that uses DNS MX queries to communicate with its C2 server, located at litterbolo[.]com. The malware can:
- Collect system data.
- Run commands via Cmd.exe.
- Read, write, and delete files on the infected host.
ANY.RUN’s network tab shows attempts to make …
ads advertising backdoor called campaign cybercriminals dns domains exploit exploiting google google ads ip scanner madmxshell malicious malicious advertising scanner server what is windows
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Associate Engineer (Security Operations Centre)
@ People Profilers | Singapore, Singapore, Singapore
DevSecOps Engineer
@ Australian Payments Plus | Sydney, New South Wales, Australia
Senior Cybersecurity Specialist
@ SmartRecruiters Inc | Poland, Poland