Handler on Duty: Xavier Mertens
Threat Level: green
Podcast Detail
SANS Stormcast Wednesday, July 8th, 2026: Odd DNS; AnyDesk Phishing; Tenda Backdoor; GitLost
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9998.mp3
My Next Class
Click HERE to learn more about classes Johannes is teaching for SANS
More Odd DNS Records: NIMLOC
https://isc.sans.edu/diary/More%20Odd%20DNS%20Records%3A%20NIMLOC/33128
From Invoice to AnyDesk: Uncovering a Phishing Campaign Targeting Russian Aerospace Organizations
https://www.seqrite.com/blog/from-invoice-to-anydesk-uncovering-a-phishing-campaign-targeting-russian-aerospace-organizations/
Tenda firmware (multiple versions) contains hidden authentication backdoor
https://kb.cert.org/vuls/id/213560
GitLost: GitHub AI Agent Leak
https://noma.security/wp-content/uploads/GitLostWorkflow_2.gif
My Upcoming Classes
https://www.sans.org/profiles/dr-johannes-ullrich
| Application Security: Securing Web Apps, APIs, and Microservices | Washington | Jul 13th - Jul 18th 2026 |
| Application Security: Securing Web Apps, APIs, and Microservices | Online | British Summer Time | Jul 27th - Aug 1st 2026 |
| Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 21st - Sep 25th 2026 |
| Network Monitoring and Threat Detection In-Depth | Amsterdam | Nov 9th - Nov 14th 2026 |
| Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 14th - Dec 18th 2026 |
Podcast Transcript
Hello and welcome to the Wednesday, July 8th, 2026 edition of the SANS Internet Storm Center's Stormcast. My name is Johannes Ullrich, recording today from Jacksonville, Florida. And this episode is brought to you by the SANS.edu Graduate Certificate Program in Cloud Security. Well, in diaries today, I wrote up about yet another odd DNS record. Yesterday, I talked about these NAPTR records. Well, today it's NIMLOC, which is something that I saw in my Zeek logs for quite a while, but never really sort of, you know, wrote up really what it's about. So definitely wanted to take care of that. And this is, I don't know, it's not a mistake that Zeek makes you calling it NIMLOC. It's actually the correct way to label it. I would have probably labeled it as net bias. So what's going on here is there is a DNS type of 32 and that type has been defined twice. It was originally defined for the good old net bias name lookups, the port 137 lookups. Well, that protocol, of course, got sort of obsoleted and now it's no longer being used. And then there was this other protocol Nimrod. It's sort of a routing protocol. And, well, that's also obsolete, but it's newer than the net bias protocol. And the official IANA list of DNS types assigns type 32 to NIMLOC. So that's what Zeek is using, even though what you're actually looking at, if you're seeing these records, is net bias traffic on port 137. And that sort of also distinguishes it from the usual DNS traffic. Zeek still writes it to its DNS logs. And that's why you may come across this record. So, yeah, interesting history here. Ignore it for the most part. Doesn't seem to be anything bad. I see it from my Macs, actually, not really from Windows systems. But that's another story about, you know, how some operating systems keep these obsolete protocols around. And Segrite published a blog post detailing a recent interesting phishing attack that relied on AnyDesk. AnyDesk, of course, is legitimate help desk software that used to remotely access systems. So nothing really bad about it. But, of course, software like this is also very useful to attackers. And that's what's happening here. So the victim first receives an email. That email claims to be some kind of bill or some technical specification or such. And then what looks like a PDF is actually executable. And, yes, that's also password protected for sort of added protection from scanning. Well, the drop pod that's being installed then is not really downloading malware per se. Instead, it downloads a tray minimizer to basically hide software that's running. And then runs AnyDesk and uses the tray minimizer to hide the fact that AnyDesk is running. And then AnyDesk is basically being used as a persistent mechanism to connect to the infected system. Now, I want to point out that while AnyDesk, of course, is normal software, you definitely should track the use of any kind of remote control software like that. You can do that via network detection. But also on the endpoint, usually most EDR software will have the ability to flag software like AnyDesk. And you likely only have like one or two different sort of packages that you routinely use legitimately for remote access. And then having anything different or new being installed should certainly raise an alert. Also, there's plenty of activity here that sort of gives you opportunity for detection. Like, for example, the drop bar. Things like, you know, encrypted attachments that then contain executables. And typically for an attachment, you can still check the file type, even if it is encrypted. Like, you still see the file names and such. So make sure your detection software is able to do that, you know, in particular on mail gateways and the like, to detect the encrypted executables if they're being sent as an attachment. Changes to then your scheduler and such, of course, also should be flagged. And if you're using any devices made by 10DAN, that would be a router or a switch. Well, there is a hidden authentication backdoor that you should be aware of. And there is no patch. Now, the actual password is a configuration parameter. So you may be able to at least override it in the configuration file in order to basically not at least have the default backdoor password. But the way it works is that when you're entering your credentials, you're using a password and the password is not valid. It will also then check if the password that you used is this backdoor password. And then no matter the username, you will always be logged in as an administrator. And we have yet an example of, well, a pattern that I keep seeing being exploited. This is really just sort of the latest example of a vulnerability like this. The main problem here is that developers are allowing, well, basically anybody to file an issue, a complaint, a bug report for their software, and then use automatic AI agents to parse these issues and respond to them. And, well, that just is going wrong. You will have malicious actors that are then using various types of prompt injection in order to, for example, in this case, extract secrets. This particular issue here is with the GitHub agent. And the attacker is able then to basically extract any secrets that this agent has access to. The pattern, like I said, isn't unique to this particular sort of setup. We have had a number of different reports of issues like this. This is just sort of the latest example of it. Be really careful if you're allowing any kind of LM agent to read and respond to untrusted input. Well, it should be obvious. And if you're doing this, then make sure that these agents are very constrained in as to what kind of information they have access to. Well, and this is it for today. So thanks for listening. Thanks for liking. Thanks for recommending this podcast. And, as always, talk to you again tomorrow. Bye. Bye. Bye.





