Cybercrime & Digital Threats

Bulletproof hosting (BPH) services have long been crucial parts of the cybercriminal infrastructure. How do they protect malicious activities, and how do cybercriminals use them to stay in business?

Our infographic shows how Trend Micro XDR is designed to combat threats like Ryuk using machine learning and analytics to correlate various events across multiple layers.

Recent spam campaigns leading to URSA/Mispadu has been uncovered. This attack targets systems with Spanish and Portuguese as system languages.

The provision of services, as well as the way criminals operate in the underground, have gone through many changes over the years to cater to the market’s different infrastructure demands.

Hackers spread messages supposedly sent from Instagram Help Center claiming that the user's account is at risk of being deleted.

Darkside ransomware surfaced, operators behind Crysis/Dharma released a hacking toolkit, a targeted email campaign was used to propagate Negasteal, and a coinminer was seen bundled with legitimate applications.

We found some fake Facebook accounts stolen from influential accounts to sell, change the details, and/or reused for phishing.

We found online dating website scam campaigns primarily targeting Japanese customers for their personal and financial information.

Underground platforms are part of a mature ecosystem for trading cybercrime goods and services. How does a capable hosting infrastructure allow illicit activities to thrive?