Stealthy Malware Leverages MQTT Protocol in Spam Campaigns

The creators of the WailingCrab malware have updated its C2 communication tactics and are targeting more regions globally. The backdoor component of the malware now communicates via MQTT, a lightweight IoT messaging protocol, making it harder for security teams to detect malicious activity. The redevelopers have also ceased using a single centralized MQTT “topic,” instead communicating through client-specific topics, limiting the visibility of the malware’s activities.