Pulse: Detour Dog: DNS Malware Powers Strela Stealer Campaigns
TLP: WHITE | Hive0145 | Author: PetrP.73 | Created: 2025-09-30 | Modified: 2025-10-30
22 IOCs, medium volume
The malware known as "Detour Dog" uses the Domain Name System (DNS) to drive redirection on tens of thousands of compromised websites worldwide. The threat actor behind it has been tracked since August 2023 and continues to extend the malware beyond simple redirection; it now supports remote command execution through a DNS-based command-and-control (C2) channel. Operationally, the compromised site issues server-side DNS requests that are invisible to the visitor, and redirects visitors conditionally based on their geographic location and device type. The two main malware components linked to this campaign are the "StarFish Backdoor" and "Strela Stealer." Strela Stealer, first documented in late 2022, predominantly targets European countries, with a focus on Germany.
MITRE ATT&CK techniques: none listed
Malware families: MikroTik Golo Second StarFish Strela
Indicators of Compromise (22)