Fraud report reveals danger of ‘fast-flux botnets’
RSA’s Global Fraud Report has some scary predictions for the next 12 to 18 months, as criminals become more technically savvy.

The use of sophisticated fast-flux botnets' will increase in the next year, according to a new Global Online Fraud report from RSA.
Fast-flux botnets hide the content servers delivering phishing and malware websites behind a number of compromised computers, letting addresses change very quickly to avoid detection.
"The location of the attack is constantly moving and so obviously makes it much trickier to try and get it stopped, because every time you find it it moves again," Andrew Moloney, director of marketing at RSA, told IT PRO.
The report said fast-flux networks were becoming more popular as they were easy to set up. In some cases, fraudsters rent botnets and a content server for a monthly fee.
The report noted the example of the Sinowal Trojan, which RSA discovered in October 2008. The report said the trojan had an advanced and reliable communication infrastructure, which allowed it to gather and transmit data for three years.
Moloney said: "Fundamentally what we're seeing is a commercialisation of the fraud industry at a level really greater than what we've ever seen before.
"The barrier for entry, if you're a non-technical kind of person, has been significantly lowered."
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
This was seen with fraud-as-a-service', which meant that people didn't need technical expertise to infect a machine with a trojan or other type of attack, as they could simply buy what they needed.
Fraud-as-a-service was also likely to evolve in the next 12 months to support the development of the fraud economy.
"I think we'll see greater levels of sophistication and targeting under new service models," Moloney said.
"Within that fraud world there is a lot of buying and selling of information and credentials, and the better quality those credentials the better value they'll have."
The report said that enterprise fraud, which was still in its infancy' as criminals were only just starting to realise the benefits of phishing businesses, would increase to create a market for information'.
Moloney said: "If I can deliver the login credentials of the management team of a Fortune 500 company, that clearly has value."
-
Can the UK ban ransomware payments?
ITPro Podcast Attempts to cut off ransomware group profits could instead harm businesses
-
Intel to axe 24,000 roles, cancels factory plans in sweeping cost-cutting move
News Despite better than expected revenue in its Q2 results, the chip giant is targeting a leaner operation
-
RSAC in focus: Key takeaways for CISOs
The RSAC Conference 2025 spotlighted pivotal advancements in agentic AI, identity security, and collaborative defense strategies, shaping the evolving mandate for CISOs.
-
RSAC in focus: Quantum computing and security
Experts at RSAC 2025 emphasize the need for urgent action to secure data against future cryptographic risks posed by quantum computing
-
RSAC in focus: How AI is improving cybersecurity
AI is revolutionizing cybersecurity by enhancing threat detection, automating defenses, and letting IT professionals tackle evolving digital challenges.
-
RSAC in focus: Collaboration in cybersecurity
Experts at RSA Conference 2025 emphasised that collaboration across sectors and shared intelligence are pivotal to addressing the evolving challenges of cybersecurity.
-
RSAC in focus: Considerations and possibilities for the remainder of 2025
As 2025 unfolds, RSAC explores the pivotal considerations and emerging possibilities shaping the cybersecurity landscape
-
RSAC Conference 2025: The front line of cyber innovation
ITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
RSAC Conference 2025: AI and quantum complicate security
Organizations are grappling with the complications of adopting AI for security
-
RSAC Conference 2025 was a sobering reminder of the challenges facing cybersecurity professionals
Analysis Despite widespread optimism on how AI can help those in cybersecurity, it’s clear that the threat landscape is more complex than ever