Source: National Cyber Security News

Gozi, the infamous and widely distributed banking malware, is back again in a new campaign designed to boost its distribution and generate more revenue for its operators. In an effort to expand their attacks, the hackers behind Gozi were found leveraging the elusive Dark Cloud botnet.

Dark Cloud was first uncovered in 2016 and was reportedly created to host carding sites. However, the botnet has since expanded. According to security experts at cybersecurity firm Cisco Talos, who uncovered the new Gozi campaign over the last few years, the Dark Cloud botnet has been used by hackers involved in a “laundry list of cybercriminal activities.”

The botnet uses its army of hijacked and enslaved systems to continuously change the hosting domain name server every few minutes. This in turn helps hackers evade detection while boosting their malicious activities.
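As an added example (not from the article or from Cisco Talos), the following Python code shows how a defender could flag this kind of rapid name-server rotation in passive-DNS observations. The log format, the `.example` names, and both thresholds are assumptions constructed for the example.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed passive-DNS observations: "UTC-time domain NS-answer".
# All names use the reserved .example TLD; none come from the article.
SAMPLE = """\
2018-03-01T10:00:00 rotating.example ns.host-a.example
2018-03-01T10:03:00 rotating.example ns.host-b.example
2018-03-01T10:06:00 rotating.example ns.host-c.example
2018-03-01T10:09:00 rotating.example ns.host-d.example
2018-03-01T10:12:00 rotating.example ns.host-a.example
2018-03-01T10:00:00 stable.example ns1.provider.example
2018-03-01T10:05:00 stable.example ns1.provider.example
2018-03-01T10:10:00 stable.example ns1.provider.example
2018-03-01T10:00:00 migrated.example ns.old.example
2018-03-01T10:04:00 migrated.example ns.new.example
2018-03-01T10:12:00 migrated.example ns.new.example
"""

def parse(text):
    rows = []
    for line in text.strip().splitlines():
        ts, domain, ns = line.split()
        rows.append((datetime.fromisoformat(ts),
                     domain.lower().rstrip("."), ns.lower().rstrip(".")))
    return rows

def rotation_report(rows, max_gap_s=600, min_changes=3):
    """Flag domains with >= min_changes NS switches, median gap <= max_gap_s (assumed thresholds)."""
    by_domain = defaultdict(list)
    for ts, domain, ns in sorted(rows):
        by_domain[domain].append((ts, ns))
    report = {}
    for domain, seen in by_domain.items():
        # Times at which the answer differs from the previous observation.
        switches = [cur[0] for prev, cur in zip(seen, seen[1:]) if cur[1] != prev[1]]
        gaps = [(b - a).total_seconds() for a, b in zip(switches, switches[1:])]
        med = median(gaps) if gaps else None
        report[domain] = {
            "distinct_ns": len({ns for _, ns in seen}),
            "switches": len(switches),
            "median_gap_s": med,
            "flagged": len(switches) >= min_changes and med is not None and med <= max_gap_s,
        }
    return report
```

A single name-server change, as with `migrated.example`, is not flagged; only repeated switches at short intervals are. Some legitimate hosting setups also rotate answers quickly, so a flag is a lead for review rather than a verdict.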

Unlike previous campaigns, hackers behind the Gozi malware now appear to be going after specific targets. The recent Gozi distribution campaigns were also observed to be relatively low-volume, with hackers opting to work under the radar by not sending out a large volume of spam emails. Instead, Cisco Talos researchers found the hackers behind Gozi were making an effort to craft convincing emails that would lure more victims.

