A configurable, malicious Traffic Direction System (TDS) has been enabling widespread malware attacks. The “Prometheus” TDS can direct malware at a variety of potential victims, boosting the potential size and impact of attacks. Several high-profile trojan operators have reportedly used Prometheus to conduct malware attacks on a large scale. As a relatively cheap cybercriminal service―one that is readily available on a cybercriminal forum―Prometheus is also likely enabling many other threat actors, including those without technical sophistication. Considering the similar offerings available online, there seems to be a growing market for platforms that help malware operators expand the impact of their attacks. This TDS is just one example of the growing professionalization of cybercriminal services.
The well-established “Mozi” peer-to-peer (P2P) botnet has developed new persistence capabilities.
Most Recent Flipbooks
Main story: REvil REturns with new data-leak site
Main story: Russian cyber attacks on Ukraine: Where’s the boom?
Main story: Karakurt Hacking Team moonlights as Conti side business
RaidForums takedown sends cybercriminals scrambling
Carbanak group’s evolution extends to ransomware
Q1 2022: What happened and what lies ahead
Maverick extortionist group Lapsus$ goes after big tech
US executive order pushes for responsible cryptocurrency use
The Russia-Ukraine war has triggered a resurgence of hacktivism around the world
The US government has issued an alert about the Iran-linked "MuddyWater" advanced persistent threat group
Conti ransomware group aims to ascend with new tools, structure
US DoJ arrests shine light on ease and impact of cryptocurrency laundering
Microsoft has announced plans to restrict its product users' ability to manually enable macros in several Office documents
A recent attack showed the potential of cyber-threat activity when used by a nation-state for coercion.
The FBI has warned of a recent surge in cyber attacks that use quick response (QR) codes.
The Federal Security Service of the Russian Federation (FSB) conducted a series of raids and arrests against at least 20 members of the "REvil" ransomware group.
Researchers have discovered a critical vulnerability in the popular open-source Java SQL database H2
For 2022, cyber-security practitioners must be extraordinarily nimble and adept. Plus information on telegram dropping malware, North Korean group exploits Russia, and Log4j crisis spilling in to 2022
Log4j bug exposes fragility of digital ecosystem worldwide. Plus information on Magecart home for the holidays, Emotet regaining power, and Muddywater APT group hunts for airline data via Slack.