Post · bonfire.cafe

Post

Log in

@cR0w@infosec.exchange · last week

https://www.infoblox.com/blog/threat-intelligence/compromised-routers-dns-and-a-tds-hidden-in-aeza-networks/

Maybe try blocking some full Aeza ASNs. The prefixes for AS210644 and AS216246 are already in the #GAYINT naughty list: https://intel.gayint.org/

Screenshot showing AS210644 with 166 prefixes and AS216246 with 24 prefixes in the GAYINT block list.

Compromised Routers, DNS, and a TDS Hidden in Aeza Networks

Compromised routers silently reroute DNS, enabling a powerful Traffic Distribution System (TDS) that forces users to scams and malware via affiliate marketing.

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.2-alpha.23 no JS en

Automatic federation enabled

Log in