Hacker Infrastructure And Underground Hosting 101

In the cybercrime underground, a criminal’s hosting infrastructure serves as the foundation of their entire business model. It hosts anonymizing services for keeping their activities private, command-and-control (C&C) servers for taking advantage of victims’ machines, and discussion forums for communicating with other criminals. Criminal sellers provide services and infrastructures that other criminals need to execute their attacks. An underground hosting service or underground infrastructure enables threat actors to harbor cybercriminal components and carry out their malicious activities undisrupted by takedowns or arrests, which usually require intervention by service providers.

An underground hosting service can include the provision of hosting infrastructures, domain name provisions, fast-flux infrastructures, traffic accelerators, virtual and dedicated servers, and virtual private networks (VPNs). Hosted infrastructures are also used to send phishing emails, trade illegal goods on online shops, and host virtual private systems (VPS) that can be used to launch attacks from.

Read more…
Source: Trend Micro