CyberWire Daily

Proton66’s malware highway.

Apr 22, 2025

Bob Maley, CSO of Black Kite, shares his expertise on the escalating risks of third-party cyber incidents. The conversation dives into the nefarious activities of the Russian group Proton66 and emerging threats like a new Rust-based botnet targeting routers. Maley emphasizes the impact of CISA budget cuts and the rise of ransomware in healthcare. Additionally, the relaunch of the cybercrime marketplace Cracked raises alarms about compliance risks and the need for improved cybersecurity measures across industries.

42:36

Creator website

Episode guests

Bob Maley

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Proton66's involvement in cybercriminal activities emphasizes the need for organizations to prioritize robust cybersecurity measures against sophisticated threats.

The alarming rise of cyber-enabled fraud in Southeast Asia highlights the critical importance of international cooperation and effective regulations to combat transnational crime.

Deep dives

The Threat of Proton66 and Botnets

The Russian autonomous system Proton66 is linked to a range of cybercriminal activities, particularly through bulletproof hosting services that facilitate various attacks on the tech and financial sectors. This system has been involved in brute-force assaults and the exploitation of known vulnerabilities, affecting organizations globally. A specific instance includes the targeting of a compromised IP address by super black ransomware, impacting nonprofits and engineering firms. Additionally, a new Rust-based botnet, Rustobot, demonstrates the ongoing risks posed by IoT devices by hijacking routers and using them for large-scale DDoS attacks.

Intro

3min

Emerging Cyber Threats and Trends

6min

Relaunching Cracked and Cybercrime Trends

6min

Cybersecurity Breaches and Third-Party Risks in 2024

12min

Transitions in Cybersecurity: Trade or Profession?

4min

Navigating Data Security and Privacy Alternatives

5min

The Russian Proton66 is tied to cybercriminal bulletproof hosting services. A new Rust-based botnet hijacks vulnerable routers. CISA budget cuts limit the use of popular analysis tools. A pair of healthcare providers confirm ransomware attacks. Researchers uncover the Scallywag ad fraud network. The UN warns of cyber-enabled fraud in Southeast Asia expanding at an industrial scale. Fog ransomware resurfaces and points a finger at DOGE. The cybercrime marketplace Cracked relaunches under a new domain. On our Industry Voices segment, Bob Maley, CSO of Black Kite, shares insights on the growing risk of third-party cyber incidents. Taking the scenic route through Europe's digital landscape.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Kim Jones, the new Host of CISO Perspectives podcast, previewing the latest episode where Kim is joined by Larry Whiteside Jr. discussing “Are we a trade or a profession?”

Industry Voices

On our Industry Voices segment, Bob Maley, CSO of Black Kite, sharing insights on the growing risk of third-party cyber incidents.

Selected Reading

Many Malware Campaigns Linked to Proton66 Network (SecurityWeek)

New Rust Botnet Hijacking Routers to Inject Commands Remotely (Cyber Security News)

CISA Issues Warning Against Using Censys, VirusTotal in Threat Hunting Ops (GB Hackers)

Two Healthcare Orgs Hit by Ransomware Confirm Data Breaches Impacting Over 100,000 (SecurityWeek)

Scalllywag Ad Fraud Network Generates 1.4 Billion Bid Requests Daily (Infosecurity Magazine)

$40bn Southeast Asian Scam Sector Growing “Like a Cancer” (Infosecurity Magazine)

Fog ransomware notes troll with DOGE references, bait insider attacks (SC World)

Reborn: Cybercrime Marketplace Cracked Appears to Be Back (BankInfo Security)

Nemesis darknet market founder indicted for years-long “borderless powerhouse of criminal activity” (Cybernews)

Digital Weaning Guide from the United States (Dagbladet Information)

Two top cyber officials resign from CISA (The Record)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

CyberWire Daily

Proton66’s malware highway.

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Threat of Proton66 and Botnets

Ransomware in Healthcare

Cyber-Enabled Fraud in Southeast Asia

CyberWire Guest

Industry Voices

Selected Reading

Share your feedback.

Want to hear your company in the show?

Remember Everything You Learn from Podcasts