Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion
‎08-31-2025 06:18 PM
‎08-31-2025 06:18 PM

Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

Hi All

 

Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and digital forensic tool called Velociraptor, illustrating ongoing abuse of legitimate software for malicious purposes.

"In this incident, the threat actor used the tool to download and execute Visual Studio Code with the likely intention of creating a tunnel to an attacker-controlled command-and-control (C2) server," the Sophos Counter Threat Unit Research Team said in a report published this week.

While threat actors are known to adopt living-off-the-land (LotL) techniques or take advantage of legitimate remote monitoring and management (RMM) tools in their attacks, the use of Velociraptor signals a tactical evolution, where incident response programs are being used to obtain a foothold and minimize the need for having to deploy their own malware.

 

https://thehackernews.com/2025/08/attackers-abuse-velociraptor-forensic.html

 

Regards

 

Caute_Cautim

Reply
0 Replies