Malware Using ICMP Tunneling to Avoid C&C Detection

May 04, 2021

A novel malware uses a variety of tricks to stay hidden and avoid detection, while also being capable of executing arbitrary commands on infected systems.

Called ‘Pingback,’ the Windows malware leverages Internet Control Message Protocol (ICMP) tunneling for covert bot communications, allowing the adversary to utilize ICMP packets to piggyback attack code, according to an analysis published today by Trustwave.
