Fast flux service network is an
|“||online attack . . . where public Domain Name System (DNS) records are rapidly changed by botnets, in some cases every three to five minutes or less, in order to hide phishing and malware delivery websites, child exploitation sites, and other websites that cannot be readily hosted at a conventional provider.||”|
"The basic idea behind fast flux is to have numerous compromised computers associated with a single fully qualified domain name, and changing the DNS records with extremely high frequency (every few minutes), effectively swapping which hosts are associated with that domain name. This use of a constantly changing set of hosts makes it much more difficult to take down these illegal websites; as you find and report three or four "botted" hosts, another three or four are rotated into place, replacing the ones being tracked by the security community with a brand new batch."