Betabot steals passwords, downloads ransomware

The infamous and ever-changing Betabot information-stealing Trojan is back again, and has been observed downloading another well-known threat – the Cerber ransomware. Of course, before doing that, Betabot does its own routine, and slurps all passwords stored in all local browsers. Weaponized resumes: According to Patrick Belcher, Senior Director of Threat Research at Invincea, Betabot was first being delivered to unsuspecting users via the Neutrino Exploit Kit. Lately, though, the meticulous crooks behind this scheme …

Inside the Demise of the Angler Exploit Kit

Researchers at Kaspersky Lab today confirmed that the cybercriminals behind the Lurk Trojan were also responsible for the development and distribution of the Angler Exploit Kit.

Innovative techniques allow malvertising campaigns to run for years

A threat actor dubbed AdGholas has been mounting successful malvertising campaigns by using innovative targeting and obfuscation techniques, and has been infecting thousands of victims every day since 2015 – and possibly even earlier. The discovery of the massive malvertising network was made by Proofpoint researchers, and Trend Micro’s researchers helped with some aspects. Their efforts, along with those of advertising network operators, resulted in the suspension of all AdGholas campaigns on July 20, 2016. …

Slew of WP-based business sites compromised to lead to ransomware

If an approach works well, there is no reason to change tack, and the masters of the SoakSoak botnet are obviously of the same belief. A year and a half after they were spotted compromising WP-based websites through vulnerabilities in the Slider Revolution (“RevSlider”) plugin and redirecting visitors to the malware-laden SoakSoak.ru website, they are at it again. “Websites are often compromised by botnets that scan websites for vulnerable software or application plugins,” Invincea’s …

Compromised Joomla sites are foisting ransomware on visitors

Administrators of WP and Joomla sites would do well to check for specific fake analytics code injected into their properties, as a ransomware delivery campaign taking advantage of vulnerable sites has been going strong for over a month now. Sucuri researchers began warning about the “Realstatistics” malware campaign two weeks ago, and dated it back to June 6 (at least). The name of the campaign was derived from the name of the domains used by …

Neutrino EK picks up momentum in recent attacks

The Neutrino developers have made some changes to the landing page source code as well as integrated a new exploit. The malware campaigns that once were Angler’s continue to point to Neutrino, including a large malvertising attack on top adult sites we …

Popular Anime Site Infected, Redirecting to Exploit Kit, Ransomware

Jkanime, a popular site that streams anime videos, has been infected with malware that redirects to the Neutrino Exploit Kit and CryptXXX ransomware infections.

News Flash: the “Ohdearnotagain” vulnerability [Chet Chat Podcast 242]

Enjoy our latest podcast with Sophos experts John Shier and Paul Ducklin as they take wittily serious aim at the latest security news.