Hermes ransomware distributed to South Koreans via recent Flash zero-day

An uncommon exploit kit adds a fresh Flash Player exploit to distribute the Hermes ransomware in South Korea. Categories: Exploits, Threat analysis. Tags: CVE-2018-4878, EK, exploit kit, Flash, Hermes, ransomware. The post Hermes ransomware distributed to South Koreans via recent Flash zero-day appeared first on Malwarebytes Labs.

Avzhan DDoS bot dropped by Chinese drive-by attack

The Avzhan DDoS bot is back in the wild again, this time being dropped by a Chinese drive-by attack. In this post, we'll take a deep dive into its functionality and compare the sample we captured with the one described in the past. Categories: Malware, Threat analysis. Tags: avzhan, Bot, botnet, ddos, drive-by attack, exploit kit, malware.

Drive-by download campaign targets Chinese websites, experiments with exploits

This custom-made drive-by download attack targets some Chinese websites and their visitors while experimenting with exploits. Categories: Threat analysis. Tags: Chinese, coinhive, drive-by, EK, exploit kit, exploits, Flash Player, Internet Explorer, svchost.exe. The post Drive-by download campaign targets Chinese websites, experiments with exploits appeared first on Malwarebytes Labs.

Top Exploit Kit Activity Roundup – Winter 2018

Overview: This is the seventh in a series of blogs collecting the recent activity of the current top exploit kits. Exploit kits are rapidly deployable software packages designed to leverage vulnerabilities in web browsers to deliver a malicious payload to a victim’s computer. Authors of exploit kits offer their services for sale, distributing malware for other malicious actors. Find our previous roundup here. RIG Exploit Kit: RIG EK has maintained its position as the most active exploit kit, but overall volume of RIG traffic was down over the fall quarter. In November, RIG activity declined significantly, and this trend continues throughout December. RIG...

Terror Exploit Kit via Malvertising campaign

Terror Exploit Kit (EK) is one of the newer EKs that came to the scene in early 2017 and was mentioned in our Winter 2017 quarterly EK roundup, where it was mainly installing ccminer Bitcoin mining applications. Terror EK activity has been low throughout the year, but we are starting to see an uptick in the activity delivered via malvertising campaigns in the past two months. The graph below shows Terror EK activity for the past two months. Figure 1: Terror EK activity between September 1 and October 23, 2017. The image below shows recent Terror EK cycles from this month. Figure 2: Terror Exploit Kit Cycles. In this blog, we...

Labs report: summer ushers in unprecedented season of breaches

In this edition of the Malwarebytes Cybercrime Tactics and Techniques report, we saw a number of high-profile breaches targeting the personal information of hundreds of millions of people. We also observed shifts in malware distribution, the revival of some old families, and found cases of international tech support scams. Categories: Malwarebytes news. Tags: 3rd quarter, android malware, astrum, breach, cerber, cybercrime, cybercrime tactics and techniques, emotet, Equifax, exploit...

Drive-by mining and ads: The Wild Wild West

Cryptomining in the browser is all the rage lately. But what are the impacts for users when it is being abused by dubious publishers? Categories: Social engineering, Threat analysis. Tags: ads, browser, coinhive, cryptominer, cryptomining, cryptonight, exploit kit, JS, malvertising, malware.

Top Exploit Kit Activity Roundup – Summer 2017

Overview: This is the third installment in a series of blogs highlighting the recent activity of the top exploit kits. Exploit kits (EKs) are rapidly deployable software packages designed to leverage vulnerabilities in web browsers to deliver a malicious payload to a victim’s computer. EK authors offer their services for sale, distributing malware for other malicious actors. In this blog, we will be looking at the most active EKs, including RIG, Magnitude, Terror, and the newest arrival, Disdain. You can read our roundup from spring 2017 here. RIG Exploit Kit: RIG remains the most consistently active exploit kit, distributed over several simultaneous campaigns to...