Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

Silver Fox, a China-linked threat cluster, has deployed MODBEACON, a memory-resident, plugin-based remote access trojan written in Rust, that conceals command-and-control traffic inside gRPC streams using open-source Xray/V2Ray proxy code, making it indistinguishable from legitimate cloud traffic to conventional network monitors. Organizations in technology, education, and state-owned enterprise sectors across Asia are the reported targets, with C2 infrastructure hosted on Amazon and Cloudflare CDN to further blend into normal business traffic. The business risk is significant: the fileless, modular architecture evades most endpoint detection tools, CDN-blended C2 defeats perimeter inspection, and the multi-distributor operational model suggests a sustained, coordinated campaign rather than opportunistic intrusion.

Author

Tech Jacks Solutions