A technology for hiding the IP addresses of cybercriminal servers by manipulating DNS settings. Fast Flux uses the legitimate technique of linking multiple IP addresses to a single domain name. The cybercriminals control an ever-changing network of botnet devices acting as physical servers. This complicates the task of monitoring the criminal traffic, since the address of the data packet recipient changes regularly.
A Fast Flux network can only be created in tandem with the domain name registrar, so the majority of such botnets are controlled from inside countries with weak cybercrime legislation.