Threat Actors Exploit Open-Source Tool Sliver to Evade Detection and Conduct Cyber Attacks

Threat actors are increasingly turning to Sliver as an open-source alternative to popular Command and Control (C2) frameworks. C2 frameworks are tools used by attackers to remotely control infected systems, exfiltrate data, and launch further attacks. However, with increased scrutiny and efforts to disrupt popular C2 frameworks, malicious actors are looking for new tools to evade detection. Sliver is a relatively new tool, but it has already been used in several cyber attacks and is gaining popularity among attackers. The tool is designed to be highly customizable and allows attackers to easily set up and maintain a C2 infrastructure. It also includes features such as encryption, compression, and the ability to evade detection by using legitimate services as a cover. One of the key advantages of Sliver is that it is open-source and can be easily modified and adapted to suit the needs of different attackers. This makes it harder for security researchers and defenders to detect and disrupt. Additionally, Sliver is written in Python, a widely used programming language, making it more accessible to a larger pool of potential attackers. The use of open-source tools by threat actors is not new, but it is becoming increasingly common as they look for ways to evade detection and stay ahead of security measures. In the past, attackers have also turned to other open-source tools such as Metasploit and Mimikatz to conduct their malicious activities. It is important for organizations to stay informed about new and emerging threats and to take steps to protect themselves. This includes implementing security best practices such as regular software updates, using advanced security solutions, and monitoring network traffic for suspicious activity. Additionally, organizations should also be aware of the potential use of open-source tools by attackers and include them in their threat hunting efforts. In conclusion, Sliver is an emerging threat that is quickly gaining popularity among threat actors as an open-source alternative to popular C2 frameworks. Organizations should be aware of this tool and take steps to protect themselves by implementing security best practices and using advanced security solutions.