Latest news with #ContentDeliveryNetwork
Scoop
10 hours ago
- Business
- Scoop
VexTrio Unveiled: Global Cybercrime Enterprise Exposed As Sophisticated Multinational Ad-Fraud Operation
Press Release – Infoblox VexTrio operates an end-to-end scam supply chain, controlling everything from the development of fraudulent apps to the payment processors that collect the profits. Auckland, 18 August 2025 — Infoblox Threat Intel has revealed new findings on threat actor 'VexTrio'. Once known only as a major player in malicious traffic distribution systems (TDS), VexTrio has now been exposed as a sprawling international business enterprise — complete with a complex corporate structure, named executives and operations spanning over a decade. More than a group of anonymous hackers, VexTrio is a sophisticated merger of Italian and Eastern European criminal factions that control nearly 100 companies across the adtech, energy and construction industries, using them to orchestrate a global ad-fraud scheme worth billions. VexTrio operates an end-to-end scam supply chain, controlling everything from the development of fraudulent apps to the payment processors that collect the profits. Several adtech companies – Los Pollos, TacoLoco and Adtrafico – pose as legitimate affiliate marketing networks. These entities serve as the public face for a criminal operation that leverages compromised websites, malicious spam and fraudulent social media campaigns to funnel millions of victims into scams. 'For years, we thought that VexTrio was just a group of basement hackers,' said Dr. Renée Burton, Vice President of Infoblox Threat Intel. 'This investigation proves that behind the malicious links is a highly organised, multinational corporate entity that has been profiting from fraud on a massive scale. They have built an entire adtech industry to conceal their crimes in plain sight.' Key Findings Massive Scale and Reach: In 2024, VexTrio's affiliate network Los Pollos claimed over 2 billion unique monthly users, and GoDaddy found that nearly 40 per cent of compromised websites it observed were redirecting traffic to VexTrio. One of the group's core Content Delivery Network (CDN) domains ranks in the top 10,000 most popular domains globally. End-to-End Criminal Control: VexTrio develops its own fraudulent products, from fake dating sites to e-commerce and crypto investment platforms. It runs its own payment processors and operates email validation services to support massive spam campaigns. Highly Profitable Scams: The group's network offers affiliates over $100 per lead for fraudulent antivirus products and promoted 'blank credit card' scams with promises of six-figure paydays and up to 300 per cent ROI. Sophisticated and Resilient Infrastructure: The entire global operation runs on a lean infrastructure of fewer than 250 virtual machines, utilising advanced automation tools, multiple hosting providers and legitimate CDN (Content Delivery Network) services to evade detection and ensure resiliency. Corporate Web of Deceit: VexTrio hides behind shell companies that pose as legitimate adtech firms, operating several brands under the guise of affiliate marketing, while simultaneously being responsible for many types of fraud. The report highlights the role of adtech platforms in facilitating large-scale cybercrime and underscores the need for stronger accountability measures. The findings reveal how VexTrio's use of networks such as Los Pollos, TacoLoco and Adtrafico not only provides reach but also creates a potential point of exposure – as these platforms vet and track affiliates, they hold valuable intelligence to help identify the actors responsible for compromising countless websites and defrauding millions of users worldwide. here. Infoblox unites networking, security and cloud to form a platform for operations that's as resilient as it is agile. Trusted by 13,000+ customers, including 92 of the Fortune 100, we seamlessly integrate, secure and automate critical network services so businesses can move fast without compromise. Visit or follow us on LinkedIn.
RNZ News
4 days ago
- RNZ News
Extra Techverse: A tariff for A.I. crawlers?
A 1950s toy robot Photo: T-Bone Sandwich // CC-BY-NC-SA 2.0 You might have heard of Crawler bots before. In fact, they are how search engines populate and index their search results. But A.I. Crawlers are very different. After scraping data on mass, indiscriminately, then storing said data in its ever-growing knowledge base - the next time you ask an LLM (Large Language Model) a question, it doesn't matter where its summerised information comes from, in most cases there's no source attribution and websites lose out on valuable traffic. However, Cloudflare's new private beta programme may see A.I. Crawlers hit a paywall of their own, and the two other giant Content Delivery Network providers may be allowing their customers to do the same thing soon: Fastly (they do this already) and Akamai. Hearing this for the first time made our own Corey Fuimaono think what ramifications this might have for the media, content creators, and A.I. companies? To discuss more, they spoke with Kelly Shortridge, VP of Security at Fastly.
NDTV
06-06-2025
- Business
- NDTV
Why Indian Railways Deactivated 2.5 Crore "Bogus" IDs On IRCTC
The Indian Railways has deactivated 2.5 crore "bogus" user IDs and put around 20 lakh others under revalidation to curb unauthorised automated bookings by unscrupulous agents. This will significantly improve the access to genuine users on IRCTC website and app, the Ministry of Railways said. The department deployed cutting-edge anti-BOT systems and integrated with a leading Content Delivery Network (CDN) service provider to make it possible. Besides enhancing transparency, the step will improve security and user experience as well. Within the past five months (January to May), the Railways detected 2.9 lakh suspicious PNRs. This was done while analysing ticket bookings in the first five minutes after it started for both general and Tatkal tickets, The Times of India reported. A Railways official shared that 134 complaints were registered with the national cybercrime portal and they have blocked more than 6,800 disposal email domains. Fraudsters used unique email IDs for every contact or entity. These are usually for a limited number of times. This helps them charge extra money from the passengers. Through the new system, the Railways has been able to mitigate all bot traffic effectively. They typically peaked during the first five minutes of Tatkal bookings. During this period, the bot traffic accounted for up to 50 per cent of the overall login attempts. Notably, the highest-ever per-minute booking of 31,814 tickets was witnessed on May 22, 2025. The latest enhancement will further ensure better accessibility to genuine users and cut down 'bogus' attempts. For fairness and efficiency, the Indian Railways has also come up with new user protocols. Under this, Aadhaar-verified users will be able to book train tickets on the IRCTC website and app without facing any delays; those not authenticated via Aadhaar can book Opening ARP, Tatkal or Premium Tatkal tickets can make bookings only after three days of registration. These efforts have shown measurable improvements in recent times. The average daily user logins was 69.08 lakh in financial year 2023–24 and increased to 82.57 lakh in FY 2024–25, witnessing a 19.53 per cent rise. The average daily ticket bookings jumped by 11.85 per cent during the same period. At present, E-Ticketing accounts for 86.38 per cent of total reserved ticket bookings. With CDN, 87 per cent of static content is being served for faster load times and reduced server load, the Railway Ministry said. The AI algorithms have been able to detect and mitigate bot traffic actively. As there is a "genuine shortage of confirmed tickets," efforts are being made to run more trains to increase capacity, sources told The Times Of India.
The Hindu
04-06-2025
- Business
- The Hindu
Railways suspends 2.5 crore user IDs suspected of fraudulent ticket booking
The Indian Railway Catering and Tourism Corporation (IRCTC) has deactivated 2.5 crore suspect user IDs as part of a digital overhaul of its ticketing infrastructure, officials said on Wednesday (June 4, 2025). 'Through the deployment of anti-bot systems and integration with a leading Content Delivery Network (CDN) service provider, the Railways has curbed unauthorised automated bookings by unscrupulous agents and improved the access of the website to the genuine users,' a senior Railway official said. '131 complaints of the suspicious users have been lodged with the cyber crime cell in the last four months.' Also read: Railway Protection Force plans to use AI and machine learning to help curb illegal online ticket booking The new system has effectively mitigated all bot traffic, which usually peaks during the first five minutes after the Tatkal booking window opens. Bot traffic accounts for up to 50% of overall login attempts during this period, the official added. Revalidating suspect IDs IRCTC is also taking additional steps to revalidate suspicious user IDs through verification of mobile numbers and email IDs. In the last 15 days, around 20 lakh user IDs have been put into revalidation mode to confirm the authenticity of the users, officials said. On March 6, the IRCTC set its highest single-day ticket booking record of 16,17,404 tickets. Later, on May 22, the Railways recorded the highest number of bookings in one minute, with 31,814 tickets being booked on the upgraded platform. Also read: On Railways' decision to shrink advance booking period The Railways has also introduced new user protocols with additional safety measures. Users not authenticated via Aadhaar can book opening Advance Reservation Period (ARP), Tatkal, or Premium Tatkal tickets only three days after registration, while Aadhaar-verified users can book all tickets without delay. On May 7, IRCTC's Chairman and Managing Director wrote to the Railway Board seeking approval to implement the plan of allowing only Aadhaar/PAN-authenticated users to book opening Advance Reservation Period and Tatkal tickets during the first ten minutes. Boosting performance After upgrading the ticketing infrastructure, the Railways noticed that the average daily user logins increased from 69.08 lakh in the 2023–24 financial year to 82.57 lakh in 2024–25, registering a 19.5% rise. Average daily ticket bookings grew 11.85% in the same period, from 12.41 lakh in 2023-24 to 13.88 lakh in 2024-25. 'E-Ticketing now accounts for 86.38% of total reserved ticket bookings, which is a scale up of 3.7% from 82.68% in 2023-24,' the official said. Also read: IRCTC, IRFC upgraded to Navratna status, complements Railway Minister Officials said that the 'attempt versus booking ratio' has increased from 43.06% to 62.22% in the period from October 2024 to May 2025. The IRCTC has also taken measures to log out Individual users if they exceed 25 inquiries per session during Tatkal and ARP hours, officials said, adding that users can book only one ticket per login session, except for return/onward journeys. To book another ticket, users must log out and log in again. Also, overseas IP addresses are blocked at the network level during ARP and Tatkal booking hours, officials said. Except for defence agents, agent bookings have also been restricted between 8:00 a.m. and 8:10 a.m. which are the opening ARP timings for General Quota tickets, and also between 10:00 a.m. and 10:10 a.m. as well as from 11:00 a.m. to 11:10 a.m. during the opening for Tatkal Quota tickets. 'Only one Tatkal ticket per day/per train is allowed to agents,' officials said.
