Tens of thousands of websites worldwide are infected with malware that utilizes the Domain Name System (DNS) to conditionally redirect visitors to malicious content. These DNS requests are made server-side, meaning from the website itself, and are not visible to the visitor. We have tracked the threat actor that operates this malware since August 2023. […] Post: Detour Dog: DNS Malware Powers Strela Stealer Campaigns.| Infoblox Blog
DNS analysis links Vane Viper's AdTech abuse to AdTech Holding and PropellerAds, delivering malware through fake software, APKs, and redirects.| Infoblox Blog
This is the third in a three-part, in-depth report covering nearly a year of research into VexTrio. To learn more about the people and entities involved, see the first part here. To learn about VexTrio’s activities, see here. VexTrio domains and references from this research can be found in our GitHub repository. In the first […] Post: Inside the Robot: Deconstructing VexTrio’s Affiliate Advertising Platform.| Infoblox Blog
This is the second in a three-part, in-depth report covering nearly a year of research into VexTrio. To learn more about the people and entities involved, see the first part here. To learn about VexTrio’s infrastructure and technology stack, see here. VexTrio domains and references from this research can be found in our GitHub repository. […] Post: VexTrio Unmasked: A Legacy of Spam and Homegrown Scams.| Infoblox Blog
The adverse impact of visiting compromised domains that integrate malicious adtech.| Infoblox Blog
Russian threat actors combine domain name vulnerabilities with hidden router proxy techniques to scale their attacks while remaining shielded from detection.| Infoblox Blog
Discover how Infoblox Threat Intel uncovered widespread usage of malicious spam and domain spoofing from Chinese actors. Learn about the tactics and gain insights into how threat actors bypass security safeguards.| Infoblox Blog
Infoblox Threat Intel exposes registered DGAs (RDGAs), the novel DGAs used by threat actors like Revolver Rabbit to deliver XLoader, Hancitor, and other malware| Infoblox Blog