A cybercrime ring that employed the Angler Exploit Kit to earn an estimated $34 million per year from ransomware infections alone has been disrupted by security researchers at Cisco’s Talos security intelligence and research group.
A related report from Cisco Talos says the attack campaign appeared to be one of two Angler-related attack campaigns that are currently in the wild, and comprised about half of all observed Angler-related activity.
Prior to the disruption, about 50 percent of the gang’s Angler-attack activity traced to Dallas-based hosting provider Limestone Networks, and 25 percent to German hosting provider Hetzner, Cisco says. Talos security researchers shared details of the attack infrastructure with both organizations, and report that Limestone “responded and cooperated fully with this investigation,” resulting in Cisco helping the company craft back-end blocks against the Angler gang’s activities, as well as study the attack infrastructure, including capturing images of the Angler group’s attack servers for analysis.
Limestone Networks didn’t immediately respond to a request for comment on Cisco’s report. A spokesman for Hetzner says his firm has yet to be contacted by Cisco, although Cisco disputes that account.
View full story