US, Australia, Canada warn ransomware gangs use ‘fast flux' to obscure cyberattack infrastructure. This technique rapidly changes DNS records, making detection harder, complicating law enforcement efforts. Two variants exist: single flux (multiple IPs for one domain) and double flux (changing DNS servers as well). Used for over a decade, its resurgence among nation-state actors raises alarms. Ransomware groups like Hive utilize it for resilience and anonymity, thwarting takedowns and assessments.
https://therecord.media/us-australia-canada-warn-of-fast-flux-ransomware-rusia