Cybercriminals continue to actively launch malicious and fraudulent malware-serving campaigns, potentially compromising the confidentiality, availability and integrity of the targeted host by exposing it to a multitude of malicious software, while earning fraudulent revenue in the process of monetizing access to malware-infected hosts.
We’ve recently intercepted a currently active portfolio of rogue/fake PornTube malicious and fraudulent domains, with the cybercriminals behind the campaign earning fraudulent revenue largely by relying on an affiliate-network based revenue-sharing scheme.
In this post we’ll profile the campaign, provide actionable intelligence on the infrastructure behind it, and discuss in depth the tactics, techniques and procedures of the cybercriminals behind it.
Known to have been parked within the same malicious IP (22.214.171.124) are also the following malicious domains:
We’ll continue monitoring the campaign and post updates as soon as new developments take place.
This is a Security Bloggers Network syndicated blog post authored by Dancho Danchev. Read the original post at: Dancho Danchev's Blog - Mind Streams of Information Security Knowledge