Agencies warn of ‘fast flux’ cyber threat
April 18, 2025 – Published on IT Brew
It sounds like another Vin Diesel movie, but that’s not why agencies around the world are warning of a new “fast flux” threat.
A joint advisory from six cyber orgs, including the NSA, CISA and Canadian Centre for Cyber Security (CCCS), urged cyber pros and ISPs to collaborate against a dodgy tactic that’s dodging detections.
If the Domain Name System (DNS) is the internet’s phonebook, translating dot-com domains into the numbered IP addresses that computers understand, think of “fast flux” as a way for threat actors to call home from different numbers.
Malicious cyber actors, including cybercriminals and nation-state actors, use the flux to change IP addresses and “obfuscate the locations of malicious servers,” the advisory began.
“This technique poses a significant threat to national security, enabling malicious cyber actors to consistently evade detection,” CISA wrote in its April 3 advisory.
Nick Hyatt, senior threat intelligence analyst at cybersecurity advisory GuidePoint Security, estimates that the warning coincides with an expanding of operations for cybercriminals—threat actors moving on from specific targeting to “larger swathes of victims” requiring a larger infrastructure.
“One thing that does trend within cybersecurity is that everything old is new again. This is an established technique that works and then can be used by these threat actors to mask that infrastructure,” he said.
Read More HERE.