34 matches found

Malwarebytes
added 2023/03/02 3:0 a.m. | 18 views

Internet Explorer users still targeted by RIG exploit kit

Despite a very slim browser market share, Internet Explorer (IE) is still being exploited by exploit kits like the RIG exploit kit (EK). One major advantage for the malware distributors behind the exploit kit is that the outdated browser has reached end-of-life (EOL), which means it no longer receives...

AI score: 0.6
Exploits: 0
The Hacker News
added 2023/02/27 3:33 p.m. | 161 views

Researchers Share New Insights Into RIG Exploit Kit Malware's Operations

The RIG exploit kit (EK) touched an all-time high successful exploitation rate of nearly 30% in 2022, new findings reveal. "RIG EK is a financially-motivated program that has been active since 2014," Swiss cybersecurity company PRODAFT said in an exhaustive report shared with The Hacker News...

CVSS: 10 | AI score: 9 | EPSS: 0.95683
Exploits: 99
The Hacker News
added 2023/02/27 3:33 p.m. | 5 views

Researchers Share New Insights Into RIG Exploit Kit Malware's Operations

The RIG exploit kit (EK) touched an all-time high successful exploitation rate of nearly 30% in 2022, new findings reveal. "RIG EK is a financially-motivated program that has been active since 2014," Swiss cybersecurity company PRODAFT said in an exhaustive report shared with The Hacker News...

CVSS: 10 | AI score: 7.9 | EPSS: 0.95683
Exploits: 99
The Hacker News
added 2022/06/22 5:41 a.m. | 137 views

RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer

The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that commenced in January 2022. The switch in modus operandi, spotted by Romanian company Bitdefender, comes in the wake of Raccoon Stealer temporarily...

CVSS: 8.8 | AI score: 1 | EPSS: 0.87814
Exploits: 15
Malwarebytes
added 2022/06/08 9:33 p.m. | 51 views

MakeMoney malvertising campaign adds fake update template

Malware authors and distributors are following the ebbs and flows of the threat landscape. One campaign we have tracked for a number of years recently introduced a new scheme to possibly completely move away from drive-by downloads via exploit kit. In this quick blog post, we will look at this ne...

AI score: 0.2
Exploits: 0
The Hacker News
added 2022/04/28 8:20 a.m. | 153 views

New RIG Exploit Kit Campaign Infecting Victims' PCs with RedLine Stealer

A new campaign leveraging an exploit kit has been observed abusing an Internet Explorer flaw patched by Microsoft last year to deliver the RedLine Stealer trojan. "When executed, RedLine Stealer performs recon against the target system including username, hardware, browsers installed, anti-virus...

CVSS: 8.8 | AI score: 0.6 | EPSS: 0.81103
Exploits: 0
Trend Micro Simply Security
added 2018/08/10 2:56 p.m. | 62 views

This Week in Security News: Hijacks and Healthcare

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Singapore looks into the effectiveness of virtual browsers in an attempt to reduce cyberattacks on healthcare systems. Also, cybercriminals...

AI score: 0.8
Exploits: 0
ThreatPost
added 2018/07/24 9:30 p.m. | 130 views

Kronos Banking Trojan Surfaces After Years of Silence

The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying code and are actively targeting victims in Germany, Japan and Poland. The latest variant has incorporated a new command-and-control feature designed to work with the Tor...

CVSS: 9.3 | AI score: 8.4 | EPSS: 0.99945
Exploits: 33 | References: 4
FireEye
added 2018/06/28 12:0 p.m. | 1659 views

RIG Exploit Kit Delivering Monero Miner Via PROPagate Injection Technique

Introduction: Through FireEye Dynamic Threat Intelligence (DTI), we observed RIG Exploit Kit (EK) delivering a dropper that leverages the PROPagate injection technique to inject code that downloads and executes a Monero miner (similar activity has been reported by Trend Micro). Apart from leveraging a...

CVSS: 9.3 | AI score: 8.8 | EPSS: 0.93165
Exploits: 39
Check Point Advisories
added 2018/04/02 12:0 a.m. | 0 views

RIG Exploit Kit URL

RIG exploit kit is a web exploit kit that operates by delivering a malicious payload to the victim's computer. Successful infection will allow the attacker to download additional malware to the target...

AI score: 3
Exploits: 0
Malwarebytes
added 2018/02/28 4:45 p.m. | 80 views

RIG malvertising campaign uses cryptocurrency theme as decoy

For a couple of weeks, we have been observing a malvertising campaign that uses decoy websites to redirect users to the RIG exploit kit. Those sites, whose theme is about cryptocurrencies, were all registered recently and are swapped after a few days of use. The initial redirection starts off fro...

AI score: 7.4
Exploits: 0
Malwarebytes
added 2018/01/30 11:43 p.m. | 62 views

GandCrab ransomware distributed by RIG and GrandSoft exploit kits (updated)

This post was authored by Vasilios Hioueras and Jérôme Segura. Update 2018-02-02: GandCrab is delivered via Necurs malicious spam [1]. Update 2018-02-01: GandCrab is now also spread via the EITest campaign [2][3]. Late last week saw the appearance of a new ransomware called GandCrab. Surprisingly, ...

AI score: 6.8
Exploits: 0
Malwarebytes
added 2018/01/17 4:0 p.m. | 141 views

A coin miner with a “Heaven’s Gate”

You might call the last two years the years of ransomware. Ransomware was, without a doubt, the most popular type of malware. But at the end of last year, we started observing that ransomware was losing its popularity to coin miners. It is very much possible that this trend will grow as 2018...

AI score: 7.6
Exploits: 0
Malwarebytes
added 2018/01/15 5:0 p.m. | 24 views

A week in security (January 8 – January 14)

It's very early in the year, yet everyone has already had a complete meltdown (pun intended) over a number of serious vulnerabilities found in legacy and modern microprocessors. Last week, rightly so, vendors released patches for hardware and OSes to help mitigate these threats. However, problems i...

AI score: 7.1
Exploits: 0
Malwarebytes
added 2018/01/09 5:11 p.m. | 58 views

RIG exploit kit campaign gets deep into crypto craze

There isn't a day that goes by without a headline about yet another massive spike in Bitcoin valuation, or a story about someone mortgaging their house to purchase the hardware required to become a serious cryptocurrency miner. If many folks are thinking about joining the 'crypto craze' movement,...

AI score: 7
Exploits: 0
Malwarebytes
added 2017/09/04 5:0 p.m. | 112 views

A week in security (August 28 – September 3)

Last week, we looked at what actions Kronos can perform in the final installment of a 2-part post. We also dived into Locky, again, a ransomware that just made a comeback, and found that its latest variant as of this writing has anti-sandboxing capabilities. This means that once Locky has...

AI score: 6.9
Exploits: 0
Malwarebytes
added 2017/08/31 8:4 p.m. | 970 views

RIG exploit kit distributes Princess ransomware

We have identified a new drive-by download campaign that distributes the Princess ransomware (AKA PrincessLocker), leveraging compromised websites and the RIG exploit kit. This is somewhat of a change for those tracking malvertising campaigns and their payloads. We had analyzed the PrincessLocker...

CVSS: 9.3 | AI score: 8.9 | EPSS: 0.94996
Exploits: 59
ThreatPost
added 2017/06/05 3:16 p.m. | 13 views

40,000 Subdomains Tied to RIG Exploit Kit Shut Down

Tens of thousands of illegally established subdomains used by criminals involved with the RIG Exploit Kit were recently taken down after an investigation revealed that hackers were phishing domain account credentials to set up these subdomains. Most of the subdomains used GoDaddy as the primary...

AI score: 0.1
Exploits: 0 | References: 4
Check Point Advisories
added 2017/06/01 12:0 a.m. | 2 views

RIG Exploit Kit Landing Page URL

RIG exploit kit is a web exploit kit that operates by delivering a malicious payload to the victim's computer. Successful infection will allow the attacker to download additional malware to the target...

AI score: 2.8
Exploits: 0
ThreatPost
added 2017/02/09 11:6 a.m. | 10 views

CryptoShield Infections from RIG EK Picking Up

The RIG Exploit Kit remains fairly active despite an overall decline in such activity, and of late, it’s been spreading a fairly new variant of ransomware called CryptoShield. The main culprit is an attack group known for using EITest to deliver malware; it has been infecting victims’ machines vi...

AI score: 7
Exploits: 0 | References: 6