Zoho domains central to keylogger, data theft campaigns worldwide

From zdnet.com

The Indian online office suite is reportedly being abused on a massive scale to exfiltrate data from compromised machines.

screen-shot-2018-10-03-at-08-50-37.png

Researchers have uncovered a keylogger phishing campaign which abuses Zoho in order to spread and exfiltrate data from victim devices.

The Indian company’s domain was suspended briefly in September, the researchers said in a blog post. This was due to an “insufficient response” to the reported abuse.

Zoho’s registrar, TierraNet, took down the domain, seemingly surprising Zoho with the move — to the point that the company took to Twitter to plead for help in resuming service.

Read more here