Hidden DNS malware armed with AI discovered, putting antivirus software at risk
It seems like everything has been invented in the world of cybersecurity, but they just found malware hidden in the DNS system, something that was rebuilt using artificial intelligence.
What was once just basic network infrastructure has now become a means of spreading malware.
According to research, attackers began fragmenting executable files into hundreds of hidden TXT records within their own domains.
It's worth noting that these DNS records are typically used to verify domain ownership, but now they appear to have become a covert means of distributing malware.
Researchers discovered hexadecimal-encoded executable file headers hidden within subdomains, allowing them to reconstruct a complete binary file. This specific malware is a software version that mimics destructive behavior and may affect user control.
They also found a PowerShell script embedded in the TXT logs, designed to connect to a remote server associated with the Covenant framework, a forensic tool used in security audits.
This could eventually allow additional payloads to be downloaded as part of a more complex attack chain.
The attackers also used an AI text generator to automatically reconstruct malware fragments from DNS records.
This research demonstrates that there are no longer “secure layers” in digital infrastructure and that any corner of the system can become a threat.