Cybercriminals Tap Greasy Opal to Create 750M Fake Microsoft Accounts

August 26, 2024 at 03:45PM Greasy Opal, a tool used for cyberattacks, facilitates volumetric bot attacks, particularly targeting CAPTCHA systems. A threat actor group orchestrated an attack resulting in 750 million fake Microsoft accounts. Microsoft seized control of the domains. Greasy Opal leverages advanced technology to bypass defenses, posing a challenge to traditional security measures. … Read more

DNS Tunneling Abuse Expands to Tracking & Scanning Victims

May 14, 2024 at 10:07AM Attackers are exploiting DNS tunneling to track victims’ network activity and infrastructure vulnerabilities. This advanced technique enables them to hide malicious data within legitimate outbound DNS traffic, evading traditional detection methods. Researchers have identified campaigns using DNS tunneling for tracking user behavior and network scanning, urging organizations to control resolver … Read more

BotGuard Raises $13 Million to Protect Against Harmful Web Traffic

March 14, 2024 at 10:51AM BotGuard OU has raised €12 million (~$13.1 million) in a Series A funding round, led by MMC Ventures, Tera Ventures, Expeditions Fund, and angel investors. The Estonia-based company offers an AI-driven solution to filter web traffic, mitigate threats, and reduce management costs. The investment will support technology advancement and team … Read more

VexTrio: The Uber of Cybercrime – Brokering Malware for 60+ Affiliates

January 23, 2024 at 01:05PM New findings from Infoblox reveal a massive “criminal affiliate program” involving threat actors like ClearFake, SocGholish, and VexTrio. VexTrio, active since 2017, operates a network of over 70,000 domains and brokers traffic for 60 affiliates. It uses DNS and HTTP-based traffic distribution systems to propagate scams, riskware, and more. The … Read more

IPStorm botnet with 23,000 proxies for malicious traffic dismantled

November 14, 2023 at 07:10PM The U.S. Department of Justice has announced the takedown of a botnet proxy service called IPStorm. The service allowed cybercriminals to run malicious traffic anonymously through various devices worldwide. A Russian-Moldovan national named Sergei Makinin pleaded guilty to computer fraud charges in connection to the case. Makinin profited from selling … Read more

Mozi botnet murder mystery: China or criminal operators behind the kill switch?

November 1, 2023 at 04:04PM The Mozi botnet, which accounted for 90% of all malicious IoT network traffic, has disappeared after a kill switch was discovered. The “Who killed Mozi?” question remains unanswered. ESET Research found the kill switch, which deactivated the malware and disabled certain functions. The investigation suggests that either the original Mozi … Read more