Infrastructure Laundering: Cloudy Behavior Around FUNNULL CDN Renting IPs from Big Tech
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
This article unveils the practice of 'infrastructure laundering' by cybercriminals, specifically focusing on the FUNNULL content delivery network. The investigation reveals that FUNNULL has been renting IP addresses from major cloud providers like Amazon Web Services and Microsoft Azure, using these to host malicious websites involved in retail phishing, investment scams, and money laundering. Despite efforts by cloud providers to ban these IPs, FUNNULL continually acquires new ones, likely through fraudulent means. The research highlights the challenges faced by cloud providers in detecting and preventing this abuse in real-time, raising questions about the effectiveness of current security measures and the responsibilities of hosting companies in combating such sophisticated criminal activities.
OPENCTI LABELS :
phishing,infrastructure laundering
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Infrastructure Laundering: Cloudy Behavior Around FUNNULL CDN Renting IPs from Big Tech