Podcast Detail

SANS Stormcast Wednesday, July 8th, 2026: Odd DNS; AnyDesk Phishing; Tenda Backdoor; GitLost

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9998.mp3

Podcast Logo
Odd DNS; AnyDesk Phishing; Tenda Backdoor; GitLost
00:00

My Next Class

Click HERE to learn more about classes Johannes is teaching for SANS

More Odd DNS Records: NIMLOC
https://isc.sans.edu/diary/More%20Odd%20DNS%20Records%3A%20NIMLOC/33128

From Invoice to AnyDesk: Uncovering a Phishing Campaign Targeting  Russian Aerospace Organizations
https://www.seqrite.com/blog/from-invoice-to-anydesk-uncovering-a-phishing-campaign-targeting-russian-aerospace-organizations/

Tenda firmware (multiple versions) contains hidden authentication backdoor
https://kb.cert.org/vuls/id/213560

GitLost: GitHub AI Agent Leak
https://noma.security/wp-content/uploads/GitLostWorkflow_2.gif

My Upcoming Classes
https://www.sans.org/profiles/dr-johannes-ullrich

Podcast Transcript

 Hello and welcome to the Wednesday, July 8th, 2026
 edition of the SANS Internet Storm Center's Stormcast. My
 name is Johannes Ullrich, recording today from
 Jacksonville, Florida. And this episode is brought to you
 by the SANS.edu Graduate Certificate Program in Cloud
 Security. Well, in diaries today, I wrote up about yet
 another odd DNS record. Yesterday, I talked about
 these NAPTR records. Well, today it's NIMLOC,
 which is something that I saw in my Zeek logs for quite a
 while, but never really sort of, you know, wrote up really
 what it's about. So definitely wanted to take care of that.
 And this is, I don't know, it's not a mistake that Zeek
 makes you calling it NIMLOC. It's actually the correct way
 to label it. I would have probably labeled it as net
 bias. So what's going on here is there is a DNS type of 32
 and that type has been defined twice. It was originally
 defined for the good old net bias name lookups, the port
 137 lookups. Well, that protocol, of course, got sort
 of obsoleted and now it's no longer being used. And then
 there was this other protocol Nimrod. It's sort of a routing
 protocol. And, well, that's also obsolete, but it's newer
 than the net bias protocol. And the official IANA list of
 DNS types assigns type 32 to NIMLOC. So that's what Zeek
 is using, even though what you're actually looking at, if
 you're seeing these records, is net bias traffic on port
 137. And that sort of also distinguishes it from the
 usual DNS traffic. Zeek still writes it to its DNS logs. And
 that's why you may come across this record. So, yeah,
 interesting history here. Ignore it for the most part.
 Doesn't seem to be anything bad. I see it from my Macs,
 actually, not really from Windows systems. But that's
 another story about, you know, how some operating systems
 keep these obsolete protocols around. And Segrite published
 a blog post detailing a recent interesting phishing attack
 that relied on AnyDesk. AnyDesk, of course, is
 legitimate help desk software that used to remotely access
 systems. So nothing really bad about it. But, of course,
 software like this is also very useful to attackers. And
 that's what's happening here. So the victim first receives
 an email. That email claims to be some kind of bill or some
 technical specification or such. And then what looks like
 a PDF is actually executable. And, yes, that's also password
 protected for sort of added protection from scanning.
 Well, the drop pod that's being installed then is not
 really downloading malware per se. Instead, it downloads a
 tray minimizer to basically hide software that's running.
 And then runs AnyDesk and uses the tray minimizer to hide the
 fact that AnyDesk is running. And then AnyDesk is basically
 being used as a persistent mechanism to connect to the
 infected system. Now, I want to point out that while
 AnyDesk, of course, is normal software, you definitely
 should track the use of any kind of remote control
 software like that. You can do that via network detection.
 But also on the endpoint, usually most EDR software will
 have the ability to flag software like AnyDesk. And you
 likely only have like one or two different sort of packages
 that you routinely use legitimately for remote
 access. And then having anything different or new
 being installed should certainly raise an alert.
 Also, there's plenty of activity here that sort of
 gives you opportunity for detection. Like, for example,
 the drop bar. Things like, you know, encrypted attachments
 that then contain executables. And typically for an
 attachment, you can still check the file type, even if
 it is encrypted. Like, you still see the file names and
 such. So make sure your detection software is able to
 do that, you know, in particular on mail gateways
 and the like, to detect the encrypted executables if
 they're being sent as an attachment. Changes to then
 your scheduler and such, of course, also should be
 flagged. And if you're using any devices made by 10DAN,
 that would be a router or a switch. Well, there is a
 hidden authentication backdoor that you should be aware of.
 And there is no patch. Now, the actual password is a
 configuration parameter. So you may be able to at least
 override it in the configuration file in order to
 basically not at least have the default backdoor password.
 But the way it works is that when you're entering your
 credentials, you're using a password and the password is
 not valid. It will also then check if the password that you
 used is this backdoor password. And then no matter
 the username, you will always be logged in as an
 administrator. And we have yet an example of, well, a pattern
 that I keep seeing being exploited. This is really just
 sort of the latest example of a vulnerability like this. The
 main problem here is that developers are allowing, well,
 basically anybody to file an issue, a complaint, a bug
 report for their software, and then use automatic AI agents
 to parse these issues and respond to them. And, well,
 that just is going wrong. You will have malicious actors
 that are then using various types of prompt injection in
 order to, for example, in this case, extract secrets. This
 particular issue here is with the GitHub agent. And the
 attacker is able then to basically extract any secrets
 that this agent has access to. The pattern, like I said,
 isn't unique to this particular sort of setup. We
 have had a number of different reports of issues like this.
 This is just sort of the latest example of it. Be
 really careful if you're allowing any kind of LM agent
 to read and respond to untrusted input. Well, it
 should be obvious. And if you're doing this, then make
 sure that these agents are very constrained in as to what
 kind of information they have access to. Well, and this is
 it for today. So thanks for listening. Thanks for liking.
 Thanks for recommending this podcast. And, as always, talk
 to you again tomorrow. Bye. Bye. Bye.