Ride the Lightning: Infy returns as Foudre
released on 2017-08-01 @ 12:34:43 PM
In February 2017, we observed an evolution of the “Infy” malware that we’re calling “Foudre” (“lightning”, in French). The actors appear to have learned from our previous takedown and sinkholing of their Command and Control (C2) infrastructure – Foudre incorporates new anti-takeover techniques in an attempt to avoid their C2 domains being sinkholed as we did in 2016.