Silent Ransom Group Exploits DNS Fast Flux to Evade Detection in Cyberattacks

Researchers identified the Silent Ransom Group (SRG) utilizing a DNS Fast Flux infrastructure to evade detection while conducting ongoing cyberattacks. The FBI issued warnings about these attacks targeting U.S. law firms and businesses. Resecurity uncovered and disclosed details of SRG’s Fast Flux network to the cybersecurity community to aid in disruption efforts and enable ISPs and DNS providers to mitigate the threat. No specific dates, technical indicators, or CVE IDs were mentioned in the reported findings. The impact involves malicious activities by SRG leveraging Fast Flux to obscure their operations and maintain persistence.