Tens of thousands of domain names hid cybercriminal activity – GoodTech Info

01/15/2024 GoodTech

Prolific Puma managed to stay under the radar of cybersecurity researchers for more than four years. With an infrastructure consisting of tens of thousands of domain names, this threat actor has been, and continues to be, the vector for numerous malicious campaigns. Here is an explanation.

Infoblox experts were able to detect Prolific Puma activity in late 2023 after discovering a Registered Domain Generation Algorithm (RDGA) used to create domain names for the malicious URL shortening service.

Who is Prolific Puma?

An intelligence provider that allows other malicious actors to avoid detection while conducting their operations. It contributes to the spread of phishing, scams and malware, especially among businesses.

There is evidence that Prolific Puma links are distributed primarily via SMS.

  • “Prolific” refers to an ever-growing network where new domains are registered almost daily.
  • “Puma”? Infoblox experts found that Prolific Puma systematically uses an email address that references the song “October 33” by the band Black Pumas, a soul band, every time it uses public domain registration.

What is the threat?

Infoblox suspects Prolific Puma of providing a service intended for other malicious actors and of not controlling the final landing pages. Prolific Puma campaigns involve large networks of domains controlled by other DNS-based threat actors, often registered with low-cost registrars and generated by the Registered Domain Generation Algorithm (RDGA).

In fact, Prolific Puma uses RDGAs to generate its domain names. These domains serve as link shorteners and are hosted by anonymous service providers to ensure confidentiality and prevent detection of their actual activities.

The cybercrime economy is the third largest in the world and will be worth an estimated $8 trillion in 2023. Prolific Puma is part of the supply chain. Blocking Prolific Puma at the DNS level will therefore protect users from any malicious content they provide, Infoblox believes.
