RoadK1ll

A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to other systems on the network. The malware is a Node.js implant that communicates over a custom WebSocket protocol to sustain ongoing attacker access and enable further operations. RoadK1ll was discovered by managed detection and response (MDR) provider Blackpoint […]