2019 has been a busy year for exploit kits, despite the fact that they haven’t been considered a potent threat vector for years, especially on the consumer side. This time, we discovered the Spelevo exploit kit with its virtual pants down, attempting to capitalize on the popularity of adult websites to compromise more devices.
The current Chromium-d
Despite a slim browser market share, Internet Explorer is still being exploited in fall 2019 in a number of drive-by download campaigns. Perhaps even more surprising, we’re seeing new exploit kits emerge.
Based on our telemetry, these drive-bys are happening worldwide (with the exception of a few that are geo-targeted) and are fueled by malvertising
We’ve spotted a distribution channel for the Neutrino exploit kit which starts with malicious iframe injections. Digging a little more, we found what appears to be an infrastructure set up to handle traffic from multiple geolocations, much like a Traffic Distribution System (TDS).
Initially, there was no intermediary between compromised sites and the T
There has been a lot of talk about Nuclear EK recently, following Sucuri’s discovery that a large number of WordPress sites were compromised to redirect to the exploit infrastructure.
Here is another interesting spin: a Nuclear EK gate using a decoy CloudFlare DDoS check page while instead loading a malicious redirection that ultimately triggers th
During the past few days we have noticed a higher-than-usual number of malvertising attacks pushing the Magnitude exploit kit – which had been relatively quiet – to drop ransomware.
Magnitude EK is one of those exploit kits we don’t hear about as much in comparison to others such as Angler EK or Nuclear EK. Its unique URL pattern makes it e