The campaign uses double infection points and two command-and-control servers.
The infamous financial cybercrime gang known as Cobalt Group has been spotted actively pushing a fresh campaign that uses a peculiar tactic: Double infection points and two command-and-control (C2) servers.
The Cobalt Group, a known financial cybercrime ring since 2016, has been suspected in attacks in dozens of countries around the world. It typically targets ATMs for jackpotting, and researchers believe the gang is also responsible for a series of attacks on the SWIFT banking system.
Read more…
Source: ThreatPost