Login
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

Hackers exploit a blind spot by hiding malware inside DNS records

INTERNET, JUL 16 – Cybercriminals use DNS tunneling to hide malware in TXT records, enabling stealthy command-and-control and data theft while bypassing most security tools, researchers report.

  • Researchers recently discovered hackers hiding malicious binaries inside DNS TXT records to distribute Joke Screenmate malware on multiple subdomains.
  • This technique exploits DNS’s overlooked role in security, leveraging encrypted protocols like DOH and DOT and poorly monitored DNS traffic as a covert delivery channel.
  • DomainTools found malware encoded in hexadecimal fragments across DNS subdomains, allowing attackers to retrieve and reassemble binaries via innocuous DNS requests.
  • Patrick Sullivan said DNS posture management helps identify misconfigurations before adversaries exploit them, with typical scan results visible within ten minutes.
  • The findings imply that enterprises must improve DNS visibility and hygiene to prevent stealthy attacks that bypass most defenses and cause catastrophic breaches when DNS fails.
Insights by Ground AI
Does this summary seem wrong?

12 Articles

20minutos20minutos
Center

A Malware Hidden in the Dns and Armed with Ai Puts Antivirus in Check

They have discovered a technique in which malware hides in DNS TXT records and is rebuilt with the help of AI, a threat that even evades the most advanced security systems.

·Madrid, Spain
Read Full Article
Tech SpotTech Spot
Center

Hackers are now hiding malware in DNS, and using AI to reassemble it

Hiding ransomware inside a CPU was strange but now, attackers are going even deeper and broader across networks. In a recent discovery, security researchers revealed that a...

Read Full Article
WiredWired
Reposted by
IT Security News - cybersecurity, infosecurity newsIT Security News - cybersecurity, infosecurity news
Lean Left

Hackers Are Finding New Ways to Hide Malware in DNS Records

Newly published research shows that the domain name system—a fundamental part of the web—can be exploited to hide malicious code and prompt injection attacks against chatbots.

·United States
Read Full Article
Ars TechnicaArs Technica
Center

Hackers exploit a blind spot by hiding malware inside DNS records

Hackers are stashing malware in a place that’s largely out of the reach of most defenses—inside domain name system (DNS) records that map domain names to their corresponding numerical IP addresses. The practice allows malicious scripts and early-stage malware to fetch binary files without having to download them from suspicious sites or attach them to emails, where they frequently get quarantined by antivirus software. That’s because traffic for…

·United States
Read Full Article
World NEWS LiveWorld NEWS Live

It seems even DNS records can be infected with malware now - here's why that's a major worry - WorldNL Magazine

(Image credit: Shutterstock.com) Researchers found evidence of Joke Screenmate malware hiding on DNS serversJoke Screenmate is a harmless, prank malwareThere are ways to defend against itHackers found a way to hide malware in the Domain Name System (DNS), cleverly evading detection and flying under the radar. This is according to security researchers from Domain Tools who, in a recent blog, detailed how they discovered the Joke Screenmate malwa…

Read Full Article
KorbenKorben

When Cyber Criminals Hide Their Malware in Dns

Do you know the joke about DNS? Well, that's really the problem since hackers have found how to hide a malware directly in DNS records. It's witchcraft, you'll see! DomainTools researchers have just discovered the new version of a technique that consists of storing malware in the DNS TXT records. You know, these are those small text fields that are normally used to prove that you own a domain when you configure Google Workspace or something else.

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 75% of the sources are Center
75% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

Ars Technica broke the news in United States on Wednesday, July 16, 2025.
Sources are mostly out of (0)

Similar News Topics

Technology icon

Technology

Internet icon

Internet

Cyber Security icon

Cyber Security

Artificial Intelligence icon

Artificial Intelligence

News
For You
SearchBlindspotLocal