Mustang Panda, a cybersecurity research team, recently unveiled their latest backdoor with a twist – it takes advantage of the Qt and MQTT messaging protocols to gain access to Windows systems. This backdoor, which the team is calling “MQsTTang”, is a combination of the Qt network library and the MQTT message protocol.

The Qt library is a powerful cross-platform application framework which allows for communication between applications on different hardware platforms. MQTT, on the other hand, is a lightweight messaging protocol for communicating between devices over IP networks. By combining these two technologies, Mustang Panda has created a powerful backdoor that can be used to gain access to Windows systems.

MQsTTang works by first establishing a connection to the targeted device using the Qt library. Once connected, the backdoor will then use MQTT to communicate with the target system. This allows the attacker to send commands, receive information, and even execute malicious code on the target system.

The capabilities of this backdoor make it an attractive option for cybercriminals looking to gain access to a system undetected. It is also relatively easy to deploy, as it only requires a few lines of code.

Mustang Panda’s latest backdoor is an example of how the combination of two existing technologies can create powerful new malware. The team’s use of Qt and MQTT shows that attackers can use these two technologies to gain access to systems in an undetectable manner. As such, users are advised to take extra precautions to ensure their systems remain secure.

‍

Source: MQsTTang: Mustang Panda’s latest backdoor treads new ground with Qt and MQTT - AlienVault - Open Threat Exchange