DNS tunneling used to conceal C2 comms traffic
https://www.bleepingcomputer.com/news/security/new-linux-botnet-exploits-log4j-uses-dns-tunneling-for-comms/
A recently discovered botnet under active development targets Linux systems, attempting to ensnare them into an army of bots ready to steal sensitive info, install rootkits, create reverse shells, and act as web traffic proxies.
The newly found malware, dubbed B1txor20 by researchers at Qihoo 360's Network Security Research Lab (360 Netlab), focuses its attacks on Linux devices with ARM and X64 CPU architectures.