This article has been indexed from CSO Online
Lucky for cyber criminals, but not so lucky for enterprise security pros: There’s a quick and easy way to get started in cybercrime known as dropper-as-a-service (DaaS).
Sophos researchers recently uncovered evidence of a malware campaign using a network of websites acting as a “dropper as a service” to distribute the malware. The malware includes an assortment of click-fraud bots, other information stealers, and even ransomware, and often bundle multiple unrelated malware together in a single dropper.
Sophos Senior Threat Researcher Sean Gallagher says his team found the offerings on a group of blogs, mostly hosted on WordPress, maintained by a criminal group and using them to post links to malware downloads.
Read the original article: BrandPost: Security Threat Researchers Uncover “Dropper-as-a-Service Platforms”