EK – Page 2 – WindowsTechs.com

Elusive Moker Trojan is back

Posted on April 21, 2017 by Malwarebytes Labs

We finally have gotten our hands on a sample of Moker Trojan (that was discovered in 2015). This article will be a deep dive in its capabilities.
Categories:
Malware
Threat analysis
Tags: EKexploit kitmalwareMokerratRIG EKtrojan

Diamond Fox – part 2: let’s dive in the code

Posted on April 6, 2017 by Malwarebytes Labs

In a previous post we made an initial analysis of a Diamond Fox bot delivered by the Nebula Exploit Kit (more about the campaign can be found here). We described the way to unpack the protection layer in order to get the core, written in Visual Basic, that can be decompiled. In this second part of…

Categories:

Tags: Diamond Fox EK exploit kit Nebula Nebula Exploit Kit

(Read more…)

The post Diamond Fox – part 2: let’s dive in the code appeared first on Malwarebytes Labs.

Continue reading Diamond Fox – part 2: let’s dive in the code→

Websites compromised in ‘Decimal IP’ campaign

Posted on March 29, 2017 by Jérôme Segura

This URL is quite probably unlike anything you’ve ever seen before and yet still works and redirects to malware.

Categories:

Tags: 1760468715 EK malware RIG EK RIG exploit kit site hacks

(Read more…)

The post Websites compromised in ‘Decimal IP’ campaign appeared first on Malwarebytes Labs.

Continue reading Websites compromised in ‘Decimal IP’ campaign→

Where Have All The Exploit Kits Gone?

Posted on March 15, 2017 by Tom Spring

For a long time, exploit kits were the most prolific malware distribution vehicle available to attackers. Where did they go and what’s replaced them? Continue reading Where Have All The Exploit Kits Gone?→

Exploit kits: Winter 2017 review

Posted on March 9, 2017 by Jérôme Segura

We take a look at the current exploit kit scene (Winter 2017) according to our telemetry and honeypots.
Categories:
Exploits
Threat analysis
Tags: EKexploit kitsMagnitudemalvertisingmalvertsmalwareneutrinoransomwareRIGsundown

A week in security (Jan 01 – Jan 07)

Posted on January 9, 2017 by Malwarebytes Labs

A compilation of notable security news and blog posts from the 1st of January to the 7th. This week, we touched on the Sundown exploit kit with a surprising payload and a fake technical support page that wreaked havoc on Mac systems.Categories: Securit… Continue reading A week in security (Jan 01 – Jan 07)→

AdGholas malvertising: business as usual

Posted on December 6, 2016 by Jérôme Segura

The AdGholas malvertising group was once again exposed after a short summer interruption. We review the highlights of this high impact campaign that flew under the radar for over three months.Categories: ExploitsTags: adgholasastrumEKexploitexploit kit… Continue reading AdGholas malvertising: business as usual→

AdGholas malvertising: business as usual

Posted on December 6, 2016 by Jérôme Segura

Exploit Kits: Fall 2016 Review

Posted on November 9, 2016 by Jérôme Segura

In this post, we review the changes in the exploit kit landscape over the past months by looking at new arrivals and departures.Categories: ExploitsTags: EKexploit kitsMagnitudeNeutrino-vRIGRIG-Vsundown(Read more…) Continue reading Exploit Kits: Fall 2016 Review→

Yet another Sundown EK variant?

Posted on October 18, 2016 by Jérôme Segura

The Sundown exploit kit is keeping us busy by switching from one variant to the next. This latest one clearly was inspired by the original source code and we take the time to explore it a little bit more.Categories: ExploitsTags: EKexploit kitLockysund… Continue reading Yet another Sundown EK variant?→