Malware called ‘Pingback’ uses a variety of tricks to stay under the radar and evade detection. Malware leverages Internet Control Message Protocol (ICMP) tunneling for covert bot communications. The malware is capable of executing arbitrary commands on infected systems. Pingback leverages a method called DLL search order hijacking, which involves using a genuine application to preload a malicious DLL file. Researchers: “ICMP tunneling is not new, but this particular sample piqued interest as a real-world example of malware using this technique”
Source: https://thehackernews.com/2021/05/new-pingback-malware-using-icmp.html