Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.



  • Please log in to reply
No replies to this topic

#1 Aura


    Bleepin' Special Ops

  • Malware Response Team
  • 19,697 posts
  • Gender:Male
  • Local time:08:21 AM

Posted 25 November 2015 - 10:34 AM

In short order, the newest version of Cryptowall has begun showing up in exploit kits.

The SANS Internet Storm Center said on Tuesday that an attacker working off domains belonging to Chinese registrar BizCN has been moving the ransomware via the Nuclear Exploit Kit.

SANS ISC handler and Rackspace security engineer Brad Duncan said that until recently, Cryptowall 4.0 has been moved almost exclusively via malicious spam and phishing emails. He said this is the first time Cryptowall 4.0 has been infecting machines via an exploit kit.

Source: https://threatpost.com/nuclear-exploit-kit-spreading-cryptowall-4-0-ransomware/115479/

Once again, running Anti-Exploit programs like CryptoMonitor, Malwarebytes Anti-Exploit, EMET, HitmanPro.Alert, etc. will help to reduce the risk of infection.

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users