The National Security Agency has warned that a technique hostile nation-states and financially motivated ransomware groups are using to hide their operations poses a threat to critical infrastructure and national security.
The technique is known as fast flux. It allows networks to hide their infrastructure and survive takedown efforts that would otherwise succeed. Fast flux works by cycling through a range of IP addresses and domain names that these botnets use to connect to the Internet. In some cases, IPs and domain names change every day or two. In other cases, they change almost hourly. The constant flux complicates the work of isolating the true origin of the infrastructure. It also provides redundancy. By the time defenders block one address or domain, new ones have already been assigned.
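The churn described above can be spotted in passive-DNS data. The following is an added example, not code from the advisory or from this article; the log format, names, addresses (documentation ranges) and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed passive-DNS observations: time, queried name, A record, TTL (s).
# Names are made up; addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2025-04-03T10:00:00 c2.flux.example 192.0.2.10 120
2025-04-03T10:20:00 c2.flux.example 198.51.100.7 120
2025-04-03T10:40:00 c2.flux.example 203.0.113.44 120
2025-04-03T11:00:00 c2.flux.example 198.51.100.93 120
2025-04-03T10:00:00 www.stable.example 192.0.2.80 3600
2025-04-03T11:00:00 www.stable.example 192.0.2.80 3600
2025-04-03T10:00:00 cdn.shop.example 192.0.2.21 60
2025-04-03T10:30:00 cdn.shop.example 192.0.2.22 60
2025-04-03T11:00:00 cdn.shop.example 192.0.2.23 60
"""

def parse(log):
    for line in log.splitlines():
        ts, name, ip, ttl = line.split()
        yield datetime.fromisoformat(ts), name.lower().rstrip("."), ip_address(ip), int(ttl)

def flux_candidates(log, window=timedelta(hours=2), min_ips=3, min_nets=2, max_ttl=300):
    """Return {name: (distinct IPs, distinct /24s)} for names whose answers churn.

    Requiring several networks keeps an ordinary load balancer that rotates
    addresses inside one /24 from being flagged. Thresholds are assumptions.
    """
    by_name = defaultdict(list)
    for obs in parse(log):
        by_name[obs[1]].append(obs)
    flagged = {}
    for name, rows in by_name.items():
        rows.sort(key=lambda r: r[0])
        for i, first in enumerate(rows):
            # Observations that fall inside the window opening at this row.
            win = [r for r in rows[i:] if r[0] - first[0] <= window]
            ips = {r[2] for r in win}
            nets = {ip_network(f"{ip}/24", strict=False) for ip in ips}
            if (len(ips) >= min_ips and len(nets) >= min_nets
                    and max(r[3] for r in win) <= max_ttl):
                flagged[name] = (len(ips), len(nets))
                break
    return flagged

if __name__ == "__main__":
    print(flux_candidates(SAMPLE_LOG))
```

A hit is a lead for review, not a verdict: legitimate content delivery networks also rotate addresses with short TTLs, so tune the thresholds against known-good traffic first.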
A significant risk
“This technique poses a significant threat to national security, enabling malicious cyber actors to consistently evade detection,” the NSA, FBI, and their counterparts from Canada, Australia, and New Zealand warned Thursday. “Malicious cyber actors, including cybercriminals and nation-state actors, use fast flux to obfuscate the locations of malicious servers by rapidly changing Domain Name System (DNS) records. Additionally, they can create resilient, highly available command and control (C2).”
A key means of achieving this is the use of wildcard DNS records. These records define zones within the Domain Name System, which maps domains to IP addresses. The wildcards cause DNS lookups for subdomains that do not exist, specifically by tying up the MX (mail exchange) records used to designate mail servers. The result is that an attacker IP is assigned to a subdomain such as malicious.example.com, even though it does not exist.