May 17, 2018
Flashpoint Editorial Director Mike Mimoso talks to director of research Vitali Kremez about the recent leak of the TreasureHunter point-of-sale malware and builder source code, as well as the MaxiDed bulletproof hosting provider takedown.
Both events figure to have some impact on cybercrime activity.
The TreasureHunter is somewhat unique because rarely is source code for the malware payload and configuration leaked alongside its builder. This could simplify matters somewhat for criminals on the underground who wish to build variants of TreasureHunter. Flashpoint worked in collaboration with Cisco Talos on this disclosure and Talos provided updated Snort rules and ClamAV signatures to the public.
The MaxiDed takedown puts a huge dent in the underground cybercrime infrastructure hosting world. Known for hosting numerous nefarious groups' infrastructure, including Carbanak and others, MaxiDed is an example of the need for continued international cooperation among law enforcement and private sector researchers.