The custom malware used by the state-backed Iranian threat group Drokbk has so far flown under the radar by using GitHub as a “dead-drop resolver” to more easily evade detection.