A configurable, malicious Traffic Direction System (TDS) has been enabling widespread malware attacks. The “Prometheus” TDS can direct malware at a variety of potential victims, boosting the potential size and impact of attacks. Several high-profile trojan operators have reportedly used Prometheus to conduct malware attacks on a large scale. As a relatively cheap cybercriminal service―one that is readily available on a cybercriminal forum―Prometheus is also likely enabling many other threat actors, including those without technical sophistication. Considering the similar offerings available online, there seems to be a growing market for platforms that help malware operators expand the impact of their attacks. This TDS is just one example of the growing professionalization of cybercriminal services.
Most Recent Flipbooks
Weekly Intelligence Summary 3rd Dec
Success of UK security bill depends on Internet of Things users
Weekly Intelligence Summary 27th August
The well-established “Mozi” peer-to-peer (P2P) botnet has developed new persistence capabilities.
Weekly Intelligence Summary 13th August
A years-long reconnaissance campaign against an employee of a US aerospace defense company was discovered and attributed to “TA456”, an Iranian state-backed advanced persistent threat (APT) group.
Weekly Intelligence Summary 6th August
The new “BlackMatter”, “Haron”, and “El_Cometa” ransomware groups, which surfaced in the past three weeks, bear significant similarities to ransomware groups that disappeared last month