Russian Host Proton66 Tied to SuperBlack and WeaXor Ransomware

Cybersecurity experts at Trustwave’s SpiderLabs have discovered an increase in malicious online activities originating from the Russian “bulletproof” hosting provider Proton66. These activities include ransomware campaigns, Android malware distribution, and targeted attacks using XWorm and Strela Stealer. There are also potential connections to Chang Way Technologies and the SuperBlack ransomware group.