Browsing tag

exploit kit

Researchers Share New Insights Into RIG Exploit Kit Malware’s Operations

The RIG exploit kit (EK) touched an all-time high successful exploitation rate of nearly 30% in 2022, new findings reveal. “RIG EK is a financially-motivated program that has been active since 2014,” Swiss cybersecurity company PRODAFT said in an exhaustive report shared with The Hacker News. “Although it has yet to substantially change its exploits […]

New RIG Exploit Kit Campaign Infecting Victims’ PCs with RedLine Stealer

A new campaign leveraging an exploit kit has been observed abusing an Internet Explorer flaw patched by Microsoft last year to deliver the RedLine Stealer trojan. “When executed, RedLine Stealer performs recon against the target system (including username, hardware, browsers installed, anti-virus software) and then exfiltrates data (including passwords, saved credit cards, crypto wallets, VPN […]

Russian Hackers Compromised 100,000+ Computers Using Raccoon Malware Via Fallout & RIG Exploit Kits

Researchers uncovered an information-stealing malware called Raccoon that is delivered by the Fallout and RIG Exploit Kits to steal sensitive data from compromised victims’ devices. Raccoon malware has reportedly hacked more than 100,000 computers around the world since April 2019, and the malware is believed to be delivered by a team of Russian hackers. The malware doesn’t use any stealthy infection technique, and […]

Hackers Launching GandCrab Ransomware via New Fallout Exploit Kit using Malvertising Campaign

Cybercriminals are now using the new Fallout Exploit Kit to launch GandCrab ransomware via a malvertising campaign that targets many victims around the world. This malvertising campaign mainly affected users in Japan, Korea, the Middle East, Southern Europe, the Asia Pacific region and other countries. Along with this exploit kit, there are additional domains, regions, and payloads associated with the campaign […]

Dangerous Underminer Exploit Kit Delivers a Cryptocurrency-mining Malware and Bootkit

A new exploit kit dubbed Underminer is spreading through advertising servers and delivers a bootkit that affects system boot sectors, along with the cryptocurrency-mining malware called Hidden Mellifera. Underminer manages to secure the malware transfers through encrypted transmission control protocol (TCP), and it packs malware as read-only filesystem ROM files. Security researchers from Trend Micro detected the Underminer’s […]

52,000 Dangerous Command & Control Servers Take Down that Spreading Malware: It Performs 2M Malicious Redirects a Day

Around 52,000 malicious command & control servers that were continuously spreading malware under a well-documented infection chain called EITest have been taken down. EITest is a sophisticated malware infection chain that redirects users from a compromised website to exploit kit (EK) landing pages, social engineering schemes, and potential threats. It’s one of the oldest & largest […]

Hackers Distributing Variety of New Exploits and Malware via Microsoft Office Document Exploit Kit

A newly discovered Microsoft Office document exploit kit contains a variety of recent exploits and malware such as Lokibot and Formbook, and a tracking kit called ThreadKit, targeting various organizations and individuals around the world. These exploit kits are available in restricted underground crime forums, and cybercriminals are selling them at different prices. They are used […]

Terror exploit kit goes HTTPS all the way

We’ve been following the Terror exploit kit during the past few months and observed notable changes in both its redirection mechanism and infrastructure, which have made capturing it in the wild a more challenging task. Unlike the RIG exploit kit, which uses predictable URI patterns and distribution channels, Terror EK is constantly attempting to evade […]

Disdain exploit kit and a side of social engineering deliver Neutrino Bot

Today we picked up new activity from an exploit kit that was first discovered back in August of this year. The Disdain exploit kit, simply identified by a string of the same name found in its source code, is being distributed again after a short interruption via malvertising chains. Disdain EK relies on older vulnerabilities that have […]

EXPLOIT KIT ACTIVITY QUIETS, BUT IS FAR FROM SILENT

Over the past six months, the roar of exploit kits has quieted to a whimper. But that doesn’t mean exploit kit threats are nonexistent. According to security experts, gangs behind them are regrouping, tweaking code and finding fresh software exploits to target. Here are the exploit kits and exploit kit trends to watch for over the […]

Copy-Pasting Sundown Exploit Kit Has Been Offline for More Than a Month

King of copy-paste exploits, the Sundown exploit kit, has been offline since March 8, and this also includes most of its variations, according to security researcher Kaffeine and Jérôme Segura of Malwarebytes. While exploit kit operators have taken vacations in the past, they never lasted this long, and these were usually during the winter holidays […]

New, Poorly-Made Terror Exploit Kit Drops Monero Cryptocurrency Miner

Security researchers from Trustwave and Malwarebytes have come across a new, poorly assembled exploit kit that appears to be the work of a one-man crew. Named Terror EK, this exploit kit was first detected at the start of December. From the get-go, Terror got Trustwave’s attention due to the generally poor quality of how the […]

INSIDE THE RIG EXPLOIT KIT

Today’s most prolific exploit kit is RIG, which has filled a void left by the departure of Angler, Neutrino and Nuclear. That has made it public enemy No. 1 when it comes to exploit kits. Now Cisco Talos researchers are hoping to shed new light on the ongoing development of the potent EK in hopes of neutralizing […]

New PonyForx Infostealer Malware Sold on Russian Hacking Forums

PonyForx is a fork of the more popular Pony infostealer. A crook named Cronbot is currently selling a new malware variant on Russian underground hacking forums that appears to be a successful fork of an older and very advanced infostealer called Pony. Named Fox but currently identified by researchers as PonyForx or Fox Stealer, this […]

Major Exploit Kit Campaign Switches from CryptXXX Ransomware Back to Locky

By mid-July 2016, the Afraidgate campaign stopped distributing CryptXXX ransomware. It is now distributing the “.zepto” variant of Locky. Afraidgate has been using Neutrino exploit kit (EK) to distribute malware after Angler EK disappeared in early June 2016. As we previously reported, this campaign continues to utilize gate domains using name servers from afraid.org. Changing […]