Malware networks are most often used to distribute modular spyware Trojans and remote access tools (RATs).
According to the specialists, in the first quarter of 2019 the spyware Trojan Lokibot (1496 servers) and the multifunctional malware AZORult (1155) accounted for more than 60% of all malware activity. The modular Trojan Pony, which rounds out the top three, trails the leaders by almost 4-5 times.
“When we look at the number of newly detected botnet Command & Controllers (C&C), as a result of fraudulent sign-ups, it is evident that the upward trend detected in 2018 is continuing into 2019,” Spamhaus Malware Labs noted.
In January 2018 experts found 276 new servers; by December the number had surged to 762. The monthly average was 530 C&C servers.
In the first quarter of 2019 this figure more than doubled, reaching 1.1 thousand C&C servers per month. In March alone, specialists counted about 1.3 thousand new servers.
Most of them are traditionally located in the *.com and *.uk zones. Analysts also noted growth in the share of sites under the *.ug (Uganda) and *.ng (Nigeria) domains.
In February every third resource in *.ug was working for attackers, and a single malware service stands behind this activity. Its operators register websites under Ugandan domain names and buy DNS hosting in China.
“They register a ‘.UG’ domain name for their customer with the operator ‘i3c.co.ug’ and use a Chinese based DNS provider ‘DNSPod’ (Tencent). From a cybercriminal’s perspective, this has a big advantage: Both i3c.co.ug and DNSPod are exceptionally slow to investigate abuse reports, that’s if they are investigated at all. This makes a cybercriminal’s botnet C&C infrastructure almost 100% bulletproof to takedown requests,” Spamhaus researchers reported.
Spamhaus specialists say that, with considerable effort, they managed to reduce the share of unwanted websites under Ugandan domains to 29%. Botnets are most often hosted on Cloudflare infrastructure. This hosting provider allows customers to hide the location of their management servers and protects clients from DDoS attacks.
The top five also included the Russian services Stajazk, Timeweb, Reg.ru and the French Ovh.net.
Source: https://www.spamhaus.org