DomainTools has uncovered that a novice cybercriminal, referred to as Coquettte, is exploiting Proton66's bulletproof hosting service to facilitate malware distribution. Their operations were traced back to a fraudulent website offering antivirus services, revealing significant operational security lapses. This actor's primary malware distribution method involves ZIP files masquerading as legitimate software. The report highlights how Proton66 and related services have been linked to campaigns utilizing various malware types, targeting users through deceptive phishing tactics and exposing digital footprints of the emerging threat.
Coquettte is one such threat actor leveraging the benefits offered by the Proton66 ecosystem to distribute malware under the guise of legitimate antivirus tools.
This revelation led us down a rabbit hole into the operations of an emerging threat actor known as Coquettte - an amateur cybercriminal leveraging Proton66's bulletproof hosting to distribute malware and engage in other illicit activities.