Infoblox Warns IT Professionals of Overlooked Mega-Threat from Organised Global Cyber Criminals,

Infoblox Warns It Professionals of Overlooked Mega-threat from Organised Global Cyber Criminals,

Infoblox Warns IT Professionals of Overlooked Mega-Threat from Organised Global Cyber Criminals,

Home ยป News ยป Infoblox Warns IT Professionals of Overlooked Mega-Threat from Organised Global Cyber Criminals,
Table of Contents

What is VexTrio, and why is Australia and APAC in its sights?

VexTrio, a malicious web traffic broker targeting business and consumer internet users, has been active for over six years. Infoblox estimates the value of the VexTrio threat to be $10 trillion USD in 2023, with a projected increase to $25 trillion USD by 2025. VexTrio operates as a traffic distribution system, passing users through its affiliate network to other criminal entities for malware and phishing attacks.

VexTrio wants APAC and Australian business and consumer internet users

VexTrio targets internet users in APAC, Australia, and New Zealand without bias against specific regions. Operating in 32 languages, complaints have been rising from the region, with Japan being a significant source of complaints. VexTrio primarily compromises websites vulnerable to attacks, such as those using WordPress, to target victims.

Opening a limited window onto the operations of global cybercrime

The revelation of VexTrio sheds light on the global cybercrime ecosystem. Cybercriminals engage in a larger criminal economy by buying and selling goods and services, forming strategic partnerships to extend their operations. Despite being a known threat, VexTrio’s identity and location remain a mystery.

What are the common signs of a VexTrio attack on a business

VexTrio and its affiliates commonly use a “drive-by compromise” method to target businesses. Compromised websites redirect users to malicious infrastructure, collecting information like IP addresses. Employees may encounter compromised websites through search results, leading to further attacks like spear phishing emails and unauthorized browser control.

What can APAC IT pros do to protect themselves from VexTrio?

Infoblox recommends focusing on disrupting middlemen like VexTrio rather than endpoint malware or phishing pages. Protective DNS services can analyze and mitigate threats at the DNS level, enhancing network security. By implementing protective DNS mechanisms, IT professionals in APAC can prevent access to malicious domains and block threats at the middle layer.

author avatar
roosho Senior Engineer (Technical Services)
I am Rakib Raihan RooSho, Jack of all IT Trades. You got it right. Good for nothing. I try a lot of things and fail more than that. That's how I learn. Whenever I succeed, I note that in my cookbook. Eventually, that became my blog.ย 
share this article.

ADVERTISEMENT

ADVERTISEMENT

Enjoying my articles?

Sign up to get new content delivered straight to your inbox.

Please enable JavaScript in your browser to complete this form.
Name