Infoblox
Coverage of Infoblox in the Nexus archive.
- Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes
Cybersecurity researchers identified a threat actor named Lurking Lizard using fake 7-Zip installers to operate a malicious residential proxy network via over 230 lookalike domains. The campaign, active since at least August 2022, was tracked by DNS threat intelligence firm Infoblox.
- Authorities disrupt Evil Corp’s SocGholish botnet
Authorities disrupted Evil Corp’s SocGholish botnet, a malware framework used since 2017 to steal data and deploy ransomware. The multinational takedown involved seizing 106 servers, remediating 15,000 infected websites, and disabling the botnet linked to ransomware variants like DoppelPaymer and LockBit.
- AI agents get their own phone directory built atop DNS
DNS for AI Discovery (DNS-AID) is an open-source project enabling AI agents to discover each other via DNS, avoiding fragmented configurations. Built on existing infrastructure like SVCB and DNSSEC, it allows agent discovery by name, function, or domain, supported by major DNS providers.
- Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
Cybersecurity researchers have uncovered a telecommunications fraud campaign using fake CAPTCHA verification to trick users into sending international SMS messages, generating revenue for threat actors. The operation, involving 120 Keitaro campaigns, was detailed in a report by Infoblox, highlighting the scam's global impact.