{"version":"1.0","provider_name":"Infoblox Blog","provider_url":"https:\/\/www.infoblox.com\/blog","author_name":"Michael Zuckerman","author_url":"https:\/\/www.infoblox.com\/blog\/author\/michael-zuckerman\/","title":"Alibaba Cloud Researchers Uncover Tofsee Malware Using DNS","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"jnBz0ISLdS\"><a href=\"https:\/\/www.infoblox.com\/blog\/security\/alibaba-cloud-researchers-uncover-tofsee-malware-using-dns\/\">Alibaba Cloud Researchers Uncover Tofsee Malware Using DNS<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/www.infoblox.com\/blog\/security\/alibaba-cloud-researchers-uncover-tofsee-malware-using-dns\/embed\/#?secret=jnBz0ISLdS\" width=\"600\" height=\"338\" title=\"&#8220;Alibaba Cloud Researchers Uncover Tofsee Malware Using DNS&#8221; &#8212; Infoblox Blog\" data-secret=\"jnBz0ISLdS\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe>","thumbnail_url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/469586097-660x454.jpg","thumbnail_width":600,"thumbnail_height":413,"description":"Alibaba Cloud Researchers Uncover Tofsee Malware Using DNS. Recently, Alibaba Cloud researchers found evidence of the exploit kit used by Tofsee across hundreds of cloud machines. How? The secret was to leverage DNS. Tofsee is malware which recruits compromised systems to the Tofsee Spam Botnet. Once a system is infected, it is, in turn, used to help propagate Tofsee to other systems.
Tofsee has various modules which enable cryptocurrency mining and click fraud. Tofsee can bring financial loss, the exfiltration of confidential data, and worse."}