ink dragon

The Ink Dragon tag covers a sophisticated cyber espionage cluster tracked by security researchers. Threads detail how Ink Dragon operators compromise IIS and SharePoint servers to build a ShadowPad relay network, turning victim infrastructure into command-and-control hubs. The group blends malicious traffic with legitimate HTTP behavior to evade detection. Discussions focus on the technical evolution of this threat, including its use of Windows server components for stealthy persistence and lateral movement. The tag is relevant for IT security professionals monitoring advanced persistent threats targeting enterprise Windows environments.