Threat Group Employs Amazon-Style Fulfillment Model to Distribute Malware

Ganesh The Awesome Senior Pre & Post-Sales Engineer at GlobalDots

8th April, 2019 1 Min read

A threat group with possible connections to the operators of the notorious Necurs botnet has employed what security vendor Bromium this week described as an Amazon-style fulfillment model to host and distribute malware on behalf of other cybercriminals.

The group is using a collection of more than one dozen US-based servers to help attackers distribute a variety of ransomware, banking Trojans, and other malware to targets located mostly within the country.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

The IP addresses of the hosting servers belong to a single autonomous system — or range of IP addresses — registered with a so-called “bulletproof” hosting company in the US. Eleven of the servers hosting malware are located in a single data center in Nevada belonging to the company.

Typically, malware hosting servers are located in jurisdictions known to be uncooperative with law enforcement. The fact that this particular group is operating from within the US using a highly consolidated set of servers is significant, says a malware researcher at Bromium, who did not wish to be identified.

A silhouette of a hooded figure with digital code in the background.

Latest Articles

Web Security

Three Ways CISOs Can Combat Emerging Threats in 2025

73% of CISOs fear a material cyberattack in the next 12 months, with over three-quarters convinced AI is advancing too quickly for existing methods to combat it. But what can CISOs do to prepare for the coming wave – and access the resources they need to deal with this evolving threat landscape? To find out, […]

11th November, 2024

Cloud Cost Optimization

How Optimizing Kafka Can Save Costs of the Whole System

Kafka is no longer exclusively the domain of high-velocity Big Data use cases. Today, it is utilized on by workloads and companies of all sizes, supporting asynchronous communication between even small groups of microservices. But this expanded usage has led to problems with cost creep that threaten many companies’ bottom lines. And due to the […]

Itay Tal Head of Cloud Services

29th September, 2024

Cloud Migration Service

Migrating Volumez RedHat VMs into Amazon Linux 2 for higher effective discounts rate of Saving Plan

A cloud data infrastructure company relied on extensive use of multiple instance types to test its products. But this made it difficult to optimize costs – a fact which had begun to impact their ability to scale the business. The GlobalDots team helped the company identify and implement a new infrastructure configuration that both saved […]

Itay Tal Head of Cloud Services

19th September, 2024

Compliance Automation

How Yuki Achieved SOC 2 Compliance 6x Faster

Overview A fast-growing Snowflake optimization platform was missing out on customers because they didn’t have the right data security compliance. Through multiple consultations and extensive vendor-testing, the GlobalDots team selected a solution to provide both tech and human support, helping the company achieve SOC 2 compliance within just 3 months – and win new customers […]

Itay Tal Head of Cloud Services

16th September, 2024

Back to Resources

Unlock Your Cloud Potential