The HookAds malvertising campaign has been active lately and redirecting visitors to the Fallout Exploit Kit. Once the kit is activated, it will attempt to exploit known vulnerabilities in Windows to install different malware such as the DanaBot banking Trojan, the Nocturnal information stealer, and GlobeImposter ransomware.
The Fallout Exploit has been distributing the GandCrab Ransomware for the past few weeks, but has now switched its payload to the Kraken Cryptor Ransomware.
Last week the Fallout Exploit kit was distributing the GandCrab ransomware. This week, it has started to distribute a new ransomware called SAVEfiles, for lack of a better name, through malvertising campaigns.
A new exploit kit called Fallout is being used to distribute the GandCrab ransomware, malware downloading Trojans, and other potentially unwanted programs (PUPs).
The US continues to be the top country hosting domains that serve web-based threats and, and the main source for exploit kits on a global level, according to new research.
A massive malvertising campaign has been exposed today in a report published by cybersecurity firm Check Point.
Security researchers have discovered a new exploit kit, currently active mainly in Asian countries, which, they say, has been busy spreading bootkits and cryptocurrency-mining (coinminer) malware.
After spending nine months targeting only South Korean users, the Magniber ransomware has expanded its targeting spectrum and is now also capable of infecting users who also feature a Chinese (Macau, China, Singapore) and Malay (Malaysia, Brunei) PC language setting.
The times when exploit kits (EKs) were known to be the breeding ground of new zero-days is long gone, and most EKs nowadays live off older vulnerabilities, meaning that keeping your browser, OS, and Flash Player up-to-date is enough to safeguard you from today's top web-based threats.
An Internet Explorer zero-day vulnerability that came to light last month has now been incorporated in the RIG exploit kit, a web-based toolkit that malware authors use to infect a site's visitors with malware.
GandCrab version 3 was released earlier this week with a few noticeable changes. The most noticeable change is the addition of a desktop background and an autorun that causes the ransomware to start automatically when you reboot the computer.
Traffic Distribution Systems —often spelled just TDS— are becoming the next big thing in the world of cybercrime operations.
The exploit kit landscape has continued its downfall started in the summer of 2016 and its leading player —the RIG exploit kit— has stopped delivering any ransomware strains in 2018, focusing now on spreading cryptocurrency miners (coinminers) and information-stealing trojans (infostealers).
A new ransomware called GandCrab was released towards the end of last week that is currently being distributed via exploit kits. GandCrab has some interesting features not seen before in a ransomware, such as being the first to accept the DASH currency and the first to utilize the Namecoin powered .BIT tld.
When you think you've seen it all, malware authors always find a way to impress you. Today's "that's clever!" moment comes courtesy of a criminal group that's been spreading a new version of the Zeus Panda banking trojan since June, this year.
The Matrix Ransomware has started to be distributed through the RIG exploit kit. This article will provide information on what vulnerabilities are being targeted and how to protect yourself.
A malware developer using the pseudonym of Cehceny is currently advertising a new exploit kit on underground hacking forums.
Another major exploit kit (EK) looks like it's heading for the EK graveyard as activity from the RIG EK has fallen to less than 25% of what the exploit kit used to handle three months ago, in March 2017.
The Neutrino exploit kit, a former leader of the exploit kit market, appears to have shut down, with the last activity recorded at the start of April, well over two months ago.
A joint operation between various industry actors has led to tens of thousands of shadow domains being shut down and removed from the infrastructure of the RIG Exploit Kit (RIG EK).