Even though Bitdefender released a GandCrab decryptor today, it is not stopping the GandCrab developers from continuing to use new methods to distribute their ransomware. Today malware traffic analysis nao_sec discovered that EITest was being used to distribute the GandCrab ransomware as part of the HoeflerText Font Update scam.
Summer vacation is over! During the past week, security researchers have discovered several distribution campaigns pushing the Locky ransomware via different methods, including a new variant that features one hell of a clever trick.
HoeflerText Font Pack social engineering attack has expanded to now include the Firefox browser as one of its targets. Not paying attention and installing its payload will lead to the Zeus Panda banking Trojan being installed on a victim's computer.
Yesterday, Brad Duncan, a Threat Intelligence Analyst for Palo Alto Networks Unit 42, wrote a blog article discussing how the EITest Chrome Font Update campaign, which was previously discovered by Kafeine, is now distributing the Spora Ransomware instead.