‘Savvy Seahorse’ Hackers Debut Novel DNS CNAME Trick

February 28, 2024 at 09:07AM

A new threat actor executes an innovative investment scam through a sophisticated traffic distribution system (TDS), leveraging the DNS to sustain ever-changing malicious domains. The scam impersonates major brands, luring victims through multilingual Facebook ads. The TDS, supported by CNAME records, provides resilience and evasion against takedowns, posing a significant …

VexTrio: The Uber of Cybercrime – Brokering Malware for 60+ Affiliates

January 23, 2024 at 01:05PM

New findings from Infoblox reveal a massive “criminal affiliate program” involving threat actors like ClearFake, SocGholish, and VexTrio. VexTrio, active since 2017, operates a network of over 70,000 domains and brokers traffic for 60 affiliates. It uses DNS and HTTP-based traffic distribution systems to propagate scams, riskware, and more. The …