Malware

Havoc

First seen: 2022-09 • Status: active

Currently Active Threat

Havoc is a free hacking framework that attackers use to control compromised computers. It is becoming popular because it is free and hard to detect.

Overview

Havoc is an open-source command and control framework similar to Cobalt Strike. It is increasingly used by threat actors as an alternative to commercial C2 tools.

Also Known As

Havoc C2, Havoc Framework

How It Spreads

  • Phishing
  • Exploitation
  • Malware dropper delivery

What It Does

  • Command and control
  • Post-exploitation
  • Lateral movement
  • Data exfiltration

Target Platforms

Windows, Linux

Detection Tips

  • Monitor for Havoc network signatures
  • Watch for unusual beacon behavior

MITRE ATT&CK Techniques

T1071, T1059, T1021

If You're Infected

  1. Isolate infected systems
  2. Engage incident response

Related Malware

Cobalt Strike, Sliver
