Security researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the command and control infrastructure behind EITest, a network of hacked servers abused by cyber-criminals to redirect users to malware, exploits kits, and tech support scams.
Traffic Distribution Systems —often spelled just TDS— are becoming the next big thing in the world of cybercrime operations.
Even though Bitdefender released a GandCrab decryptor today, it is not stopping the GandCrab developers from continuing to use new methods to distribute their ransomware. Today malware traffic analysis nao_sec discovered that EITest was being used to distribute the GandCrab ransomware as part of the HoeflerText Font Update scam.
Security researchers discover a new ransomware being distributed through the RIG exploit kit on Saturday. This ransomware has a strong resemblance to CTB-Locker, but does not appear to be related as it is programmed in Python.
Ransomware, ransomware, ransomware. It never seems to end. This week we see lots of little ransomware infections being developer or distributed. The good news is that we also have seen quite a few decryptors released to help those who were infected.
Yesterday, Brad Duncan, a Threat Intelligence Analyst for Palo Alto Networks Unit 42, wrote a blog article discussing how the EITest Chrome Font Update campaign, which was previously discovered by Kafeine, is now distributing the Spora Ransomware instead.