2010 Accountability DNS Malware 
Krebs on Security
JUNE 21, 2023
If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?
Krebs on Security
AUGUST 2, 2022
Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. com , a malware-based proxy network that has been in existence since at least 2010. Last week, a seven-year-old proxy service called 911[.]re
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Krebs on Security
JANUARY 8, 2024
As detailed in my 2014 book, Spam Nation , Spamdot was home to crooks controlling some of the world’s nastiest botnets, global malware contagions that went by exotic names like Rustock , Cutwail , Mega-D , Festi , Waledac , and Grum. bank accounts. And there were many good reasons to support this conclusion.
Cisco Security
NOVEMBER 29, 2021
Cisco Secure supports the NOC operations with DNS visibility and architecture intelligence ( Cisco Umbrella and Cisco Umbrella Investigate ) and automated malware analysis and threat intelligence ( Cisco Secure Malware Analytics (Threat Grid) , backed by Cisco Talos Intelligence and Cisco SecureX ).
SecureList
JULY 28, 2021
The malware creators promoted their brainchild on a specially set-up YouTube channel and Discord server, where they discussed DDoS attacks. This malware is of interest for its use of infected devices as honeypots. It is linked to a vulnerability in DNS resolvers that allows amplification attacks on authoritative DNS servers.
Security Boulevard
JUNE 15, 2023
Stealers" are a kind of malware designed to run on an endpoint post-compromise, while their primary features center on the theft of user data. Together with our colleagues at InQuest, we present a deep dive technical analysis of the malware. This is the story of information stealers today.
SecureList
OCTOBER 26, 2021
In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.
Expert insights. Personalized for you.
227 
Let's personalize your content