HackDig : Dig high-quality web security articles for hackers

Authors of Purple Fox EK adds 2 Microsoft exploits

The authors of the Purple Fox EK have integrated two new exploits for Microsoft vulnerabilities into the Purple Fox EK. The Purple Fox EK continues to be improved by its authors, who implemented two new exploits for critical- and high-severity Microsoft vulnerabilities. The Purple Fox EK appears to have been built to replace the notorious RIG e
Publish At:2020-07-07 12:01 | Read:213 | Comments:0 | Tags:Breaking News Cyber Crime Malware exploit kit Hacking malver

Copycat criminals abuse Malwarebytes brand in malvertising campaign

While exploit kit activity has been fairly quiet for some time now, we recently discovered a threat actor creating a copycat—fake—Malwarebytes website that was used as a gate to the Fallout EK, which distributes the Raccoon stealer. The few malvertising campaigns that remain are often found on second- and third-tier adult sites, leading to the Fallout or
Publish At:2020-04-07 14:49 | Read:628 | Comments:0 | Tags:Exploits and vulnerabilities copycat criminals copycat sites

Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan

By Jaromir Horejsi and Joseph C. Chen (Threat Researchers) We recently discovered a new campaign that we dubbed “Operation Overtrap” for the numerous ways it can infect or trap victims with its payload. The campaign mainly targets online users of various Japanese banks by stealing their banking credentials using a three-pronged attack. Based on our telemetry
Publish At:2020-03-11 10:23 | Read:435 | Comments:0 | Tags:Malware banking malware banking Trojan Bottle exploit kit Bo

Spelevo exploit kit debuts new social engineering trick

2019 has been a busy year for exploit kits, despite the fact that they haven’t been considered a potent threat vector for years, especially on the consumer side. This time, we discovered the Spelevo exploit kit with its virtual pants down, attempting to capitalize on the popularity of adult websites to compromise more devices. The current Chromium-d
Publish At:2019-12-18 16:50 | Read:873 | Comments:0 | Tags:Threat analysis EK exploit kit Gozi malvertising Qakbot Qbot

Exploit kits: fall 2019 review

Despite a slim browser market share, Internet Explorer is still being exploited in fall 2019 in a number of drive-by download campaigns. Perhaps even more surprising, we’re seeing new exploit kits emerge. Based on our telemetry, these drive-bys are happening worldwide (with the exception of a few that are geo-targeted) and are fueled by malvertising
Publish At:2019-11-19 16:50 | Read:1391 | Comments:0 | Tags:Exploits and vulnerabilities Capesand EK exploit kit Fallout

New Exploit Kit Capesand Reuses Old and New Public Exploits and Tools, Blockchain Ruse

By Elliot Cao, Joseph C. Chen, William Gamazo Sanchez We discovered a new exploit kit named Capesand in October 2019. Capesand attempts to exploit recent vulnerabilities in Adobe Flash and Microsoft Internet Explorer (IE). Based on our investigation, it also exploits a 2015 vulnerability for IE. It seems the cybercriminals behind the exploit kit are continuo
Publish At:2019-11-12 02:35 | Read:1319 | Comments:0 | Tags:Exploits Malware Blockchain Capesand exploit kit exploit

New Disdain Exploit Kit Detected in the Wild

By Chaoying Liu and Joseph C. Chen The exploit kit landscape has been rocky since 2016, and we’ve observed several of the major players—Angler, Nuclear, Neutrino, Sundown—take a dip in operations or go private. New kits have popped up sporadically since then, sometimes revamped from old sources, but none have really gained traction. Despite that fact,
Publish At:2017-08-17 08:05 | Read:3808 | Comments:0 | Tags:Exploits exploit kit exploit

ProMediads Malvertising and Sundown-Pirate Exploit Kit Combo Drops Ransomware and Info Stealer

With additional insights/analysis from Chaoying Liu We’ve uncovered a new exploit kit in the wild through a malvertising campaign we’ve dubbed “ProMediads”. We call this new exploit kit Sundown-Pirate, as it’s indeed a bootleg of its precursors and actually named so by its back panel. ProMediads has been active as early as 2016, employing Rig and Sundown exp
Publish At:2017-07-19 15:35 | Read:4787 | Comments:0 | Tags:Bad Sites Exploits exploit kit LockPOS malvertising ProMedia

AdGholas Malvertising Campaign Employs Astrum Exploit Kit

At the end of April this year, we found Astrum exploit kit employing Diffie-Hellman key exchange to prevent monitoring tools and researchers from replaying their traffic. As AdGholas started to push the exploit, we saw another evolution: Astrum using HTTPS to further obscure their malicious traffic. We spotted a new AdGholas malvertising campaign using the A
Publish At:2017-06-20 11:50 | Read:8024 | Comments:0 | Tags:Bad Sites Ransomware AdGholas Astrum exploit kit malvertisin

Will Astrum Fill the Vacuum in the Exploit Kit Landscape?

The decline of exploit kit activity—particularly from well-known exploit kits like Magnitude, Nuclear, Neutrino, and Rig during the latter half of 2016—doesn’t mean exploit kits are throwing in the towel just yet. This is the case with Astrum (also known as Stegano), an old and seemingly reticent exploit kit we observed to have been updated multiple times as
Publish At:2017-05-18 23:10 | Read:5296 | Comments:0 | Tags:Exploits Vulnerabilities Astrum diffie-hellman exploit kit e

EITest Corners Chrome Users with Social Engineering, Delivers Fleercivet Trojan

There are numerous ways to redirect a user to an exploit kit. Some of these methods are quite sophisticated. Take pseudo-Darkleech, for instance. This attack campaign injects malicious code into WordPress core files. That code creates a malicious iframe that redirects the user to a landing page for an exploit kit. In so doing, the campaign builds off Darklee
Publish At:2017-01-23 02:15 | Read:4445 | Comments:0 | Tags:Cyber Security Featured Articles Exploit Kit malware social

Got Outdated Software? RIG Exploit Kit and Cerber Ransomware Hope You Say ‘Yes’

Some digital threats are more serious than others, but when it comes to unpatched software, nothing’s worse than an exploit kit. These software packages come preprogrammed with the ability to exploit active security issues on vulnerable computers. If they find one such hole agape, they’ll use their exploit code to download ransomware and other badd
Publish At:2017-01-20 00:35 | Read:5349 | Comments:0 | Tags:Cyber Security Featured Articles Exploit Kit pseudo-Darkleec

Updated Sundown Exploit Kit Uses Steganography

This year has seen a big shift in the exploit kit landscape, with many of the bigger players unexpectedly dropping out of action. The Nuclear exploit kit operations started dwindling in May, Angler disappeared around the same time Russia’s Federal Security Service made nearly 50 arrests last June, and then in September Neutrino reportedly went private and sh
Publish At:2016-12-29 13:35 | Read:5451 | Comments:0 | Tags:Exploits Malware Vulnerabilities exploit kit steganography S

Stegano campaign exposed millions netizens via attack code in pixels of ads banners

Stegano campaign – Millions of people visiting major websites may have been infected with malicious code that was embedded in the pixels of ad banners. A single pixel could be used to compromise your PC; millions of people visiting major websites over the past months may have been infected with malicious code that was embedded in pixels of the ads ban
Publish At:2016-12-07 15:45 | Read:3768 | Comments:0 | Tags:Breaking News Cyber Crime Malware cybercrme exploit kit Hack

CryptoLuck Ransomware spread through the RIG-E Exploit Kit

CryptoLuck ransomware is a new strain of malware discovered by the researcher Kafeine, that is being distributed via the RIG-E exploit kit. The notorious researcher Kafeine has spotted a new strain of ransomware dubbed CryptoLuck. The malware leverages DLL hijacking and exploits the legitimate GoogleUpdate.exe executable to infect computers. The ransomware a
Publish At:2016-11-17 16:40 | Read:4000 | Comments:0 | Tags:Breaking News Malware CryptoLuck ransomware Cybercrime explo
