VexTrio, a cybercrime syndicate with a history dating back to at least 2017, has been implicated in nefarious activities utilizing a sophisticated dictionary domain generation algorithm (DDGA).  Their malicious campaigns encompass scams, riskware, spyware, adware, potentially unwanted programs (PUPs), and explicit content, with a notable occurrence in 2022 involving the distribution of the Glupteba malware following a prior intervention by Google in December 2021. The scope of VexTrio’s influence extends to a network of over 70,000 documented domains, facilitating traffic brokering for approximately 60 affiliates, including ClearFake, SocGholish, and TikTok Refresh.  Document Free Trial Streaming Malware Service Open Suspicious Files & Links in the ANY RUN Sandbox Safely; Try All Features for Free.

Source: GBHackers