8 matches found
WordPress Hacks Behind Spike in Neutrino EK Traffic
Unsurprisingly, a rash of compromised WordPress websites is behind this week’s surge in Neutrino Exploit Kit traffic, researchers at Zscaler said. In a report published yesterday, Zscaler said it spotted attacks against sites running older versions of the content management system, 4.2 and earlie...
Cybercrime Group Switches from Angler Exploit Kit to Neutrino
A prominent cybercrime actor or group has been kicking the tires on the Neutrino Exploit Kit to move ransomware and other malware, the SANS Institute’s Internet Storm Center reported today. Neutrino is a tier below the prolific Angler Exploit Kit, which is frequently at the heart of new attacks,...
Angler Exploit Kit Evasion Techniques Cryptowall 3.0
The Angler Exploit Kit is turning into a model for malware rapidly integrating new evasion techniques. Starting in early June, URL patterns used by the notorious exploit kit have been changing almost daily, coinciding with it pushing Cryptowall 3.0 ransomware. SANS Internet Storm Center handler...
Angler Exploit Kit Exploiting New Adobe Vulnerability, Dropping Cryptowall 3.0
While the Angler Exploit Kit may have already established itself as one of the more sophisticated kits on the underground market, it appears it’s still finding ways to evolve. Angler, this week, was spotted dropping the latest iteration of CryptoWall ransomware and leveraging yet another previous...
Malvertising Leads to Magnitude Exploit Kit, Ransomware Infection
Criminals are injecting malicious redirect code into advertisements in order to route user traffic toward sites hosting the Magnitude exploit kit, which, in turn, infects those users with strains of file-encrypting ransomware. Magnitude predominately relies on drive-by-download attacks in which i...
Cryptowall 3.0 Slims Down, Removes Exploits From Dropper
A slimmed down version of Cryptowall is in circulation, and this one contains no built-in exploits, confirming a growing trend that most ransomware will be spread almost exclusively via exploit kits. Kits such as Angler, Nuclear, and most recently Hanjuan, have been busy incorporating Flash...
New Cryptowall 3.0 Ransomware Communicates over I2P Anonymous Network
We have seen a series of Ransomware tended to be simple with dogged determinations to extort money from victims. But with the exponential rise in the samples of Ransomware last year, we saw more subtle in design, including "Cryptolocker" that was taken down along with the "Gameover ZeuS" botnet...
Crowti Cryptowall 3.0 Ransomware Moving in I2P Network
A new strain of the Crowti ransomware, also dubbed Cryptowall 3.0, was spotted by researchers early this week after a quiet period during the holiday season. The twist to these recent infections is that the malware communicates over the I2P anonymity network. French researcher Kafeine confirmed...