ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
HIGH Cybersecurity

MODBEACON RAT by Silver Fox uses gRPC streaming for encrypted C2

Source headline: New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Traffic

Threat level High
Signal strength 70/100
Source confidence 1 source
Published 5 days ago

Intelligence Summary

QiAnXin attributes the MODBEACON Rust-based remote access trojan to the China-linked Silver Fox cluster. The malware is reported to use gRPC streaming to carry encrypted command-and-control traffic. The group also appears to distribute via counterfeit installers and SEO poisoning to attract victims. While some activity looks like high-volume, lower-complexity malware delivery, the underlying operation is more organized than it first appears. This increases the risk of stealthy remote control and encrypted communications that can complicate detection and incident response.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#rat #c2-traffic #encrypted-c2 #grpc #modbeacon #rust-malware
Original reporting The Hacker News New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Traffic
Open original source