by Jon | Aug 26, 2016 | Blog
As of Monday September 11, RA Labs is tracking a nascent BotNet that appears to consist mostly of exploited routers. While it bears some similarity to other popular telnet “IoT” BotNets, we have not yet determined which family this one belongs to. At first, our team...
by Jon | Aug 24, 2016 | Blog
Ransomware: A long way past notes and magazine clippings
Imagine if all your data was cybernapped — held hostage until you paid a fee to free it. It may seem like some thrilling plot from a blockbuster sci-fi movie, but the truth is ransomware is very real — and...
by Jon | Aug 22, 2016 | Blog
Using fast flux to sell stolen credit cards
Today we’re sharing another excerpt from our report about the Dark Cloud fast flux network. Some of the oldest active domains hosted on the fast flux network are carder sites aimed at selling stolen credit card data to...
by Jon | Aug 19, 2016 | Blog
Fast Flux, Double Flux and the Dark Cloud
Here’s more detail from our report about the Dark Cloud fast flux network. The Threat Intelligence team at RiskAnalytics noticed this specific botnet in July 2014, after gathering DNS data to detect and block threats before...
by Jon | Aug 17, 2016 | Blog
Dark Cloud Network Facilitates Crimeware
We’ve released a report about a commercially driven fast flux network that is facilitating criminal activity such as malware, spam bots, ransomware, carder sites and more.
Executive Summary/Overview
The RiskAnalytics Threat...