Cybercriminals continue to actively launch malicious and fraudulent malware-serving campaigns, potentially compromising the confidentiality, availability and integrity of the targeted host by exposing it to a multitude of malicious software, while earning fraudulent revenue in the process of monetizing access to malware-infected hosts.
We've recently intercepted a currently active portfolio of rogue/fake PornTube malicious and fraudulent domains, with the cybercriminals behind the campaign earning fraudulent revenue largely by relying on an affiliate-network based revenue-sharing scheme.
In this post we'll profile the campaign, provide actionable intelligence on the infrastructure behind it, and discuss in depth the tactics, techniques and procedures of the cybercriminals behind it.
Known to have been parked within the same malicious IP (184.108.40.206) are also the following malicious domains:
We’ll continue monitoring the campaign and post updates as soon as new developments take place.
*** This is a Security Bloggers Network syndicated blog from Dancho Danchev's Blog - Mind Streams of Information Security Knowledge authored by Dancho Danchev. Read the original post at: http://feedproxy.google.com/~r/DanchoDanchevOnSecurityAndNewMedia/~3/rwvc08pLyeI/historical-osint-mac-os-x-porntube.html