Attackers continue to lean on everyday collaboration platforms to hide command and control traffic inside normal enterprise noise. A newly identified China-aligned APT group pushes that trend further, running its operations through Slack workspaces, Discord servers, Outlook drafts, and the file.io sharing service. GopherWhisper toolset overview ESET researchers have named the group GopherWhisper and tied it to an intrusion at a Mongolian governmental entity. The name draws on two elements: most of the group’s tooling … More →The post GopherWhisper APT group hides command and control traffic in Slack and Discord appeared first on Help Net Security.