Russian Hackers Employ Malicious Traffic Direction Systems to Spread Malware

This article has been indexed from

CySecurity News – Latest Information Security and Hacking Incidents

Researchers have discovered possible linkages among a subscription-based crimeware-as-a-service (Caas) solution as well as a cracked copy of Cobalt Strike according to what they presume is being offered as a tool for customers to stage post-exploitation operations. 
Prometheus is an open-source activity monitoring and warning system for cloud applications that are based on metrics. Nearly 800 cloud-native companies, namely Uber, Slack, Robinhood, as well as others, employ it. 
Prometheus offers convenient observation of a system’s state along with hardware and software metrics like memory use, network utilization, and software-specific defined metrics by scraping real-time information from numerous endpoints (ex. number of failed login attempts to a web application).
Prometheus has an understood policy of omitting built-in support for security features like authentication and encryption because the numeric metrics it collects are not deemed sensitive data. This allows the company to focus on creating monitoring-related services. It’s being advertised on Russian underground forums as a traffic direction system (TDS) which allows bulk phishing redirection to rogue landing pages, designed to deliver malware payloads on targeted computers for $250 per month. 
“A system of a malicious technology, malicious email circulation, illicit folders across authorized platforms, traffic diversion, and t

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

Read the original article: