DNS Is Being Abused to Hide Malware in Plain Sight

Threat actors are hiding malware fragments and C2 scripts in DNS TXT records, using subdomains to piece together full executable payloads like Joke Screenmate and Covenant stagers—completely under the radar of conventional defences.

Source: DomainTools

Read more: CyberSecBrief