by jefftk 2183 days ago
DoH is a protocol for using HTTPS to learn what IPs to talk to.

Malware does not need DoH to do this. They can simply run an ordinary HTTPS server with a self-signed cert on an arbitrary IP, with a simple JSON-based or whatever protocol, and have support for that in their client.

1 comments

> Malware does not need DoH to do this.

Yes, you're right, of course.

There are any number of things that malware can do. Most of it doesn't, however, and can either be stopped completely or, at the least, detected quite easily using some basic techniques.