Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework

07-Feb-23

Threat actors are exploiting known vulnerabilities in the Sunlogin program to deploy the Sliver command-and-control (C2) framework for post-exploitation activity. The AhnLab Security Emergency Response Center (ASEC) discovered that security flaws in Sunlogin, a remote desktop program developed in China, are being exploited to deploy a variety of payloads. In addition to using the Sliver backdoor, the threat actors installed reverse shells and used BYOVD (Bring Your Own Vulnerable Driver) malware to disable security software, according to the researchers.
