Security News > 2022 > December > Domain aging gang CashRewindo picks vintage sites to push malvertising

A sophisticated and very patient threat group behind a global malvertising scheme is using so-called aged domains to skirt past cybersecurity tools and catch victims in investment scams.

Cybercriminals who run malvertising campaigns typically will spin up a domain and quickly put it into use.

CashRewindo is patient, aging the domains before putting them to use.

Such techniques require an investment of time and money by the attacker, who may be continually buying and aging domains in the background while running other operations in the meantime.

"An attacker who invests time in domain aging is more likely to be running an established and more sophisticated operation," she said.

The attackers do not rely only on domain aging to evade detection.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/12/02/cashrewindo_scam_domain_aging/