The Fallout Exploit Kit, named for its similarities to the once notorious Nuclear exploit kit, already shows signs of reaching the levels of popularity of its namesake. Since its discovery by security researchers at the end of August, Fallout has been seen distributing the SmokeLoader trojan, GandCrab ransomware, CoalaBot, various potentially unwanted programs (PUPs) and, most recently, a new ransomware strain called SAVEfiles.Read More
July has been a busy month for the distributors of GandCrab ransomware. After about two months with no major update, the cybercrime gang behind GandCrab released version 4, and a few days later, version 4.1. The primary delivery method is via compromised WordPress websites, which have been hijacked to include fake crack application pages, which in turn redirect to the GandCrab executable. Other distribution methods are Exploit Kits (EK) and malicious email campaigns.Read More
Here is a look at GandCrab ransomware and some techniques it uses to evade detection and analysis. These days, most malware employs long chain attack and anti-analysis techniques to make it more difficult to detect the payload and harder to analyze by security researchers. Such is the case with GandCrab, a new ransomware strain that entered the scene late last month and is currently active.Read More
There are kits for everything these days: beer brewing, engine tuning, and, yes, hacking. Hacking's “exploit kits” (EKs)—toolkits with packaged exploit codes—let almost anyone become a digital intruder, from the guy down the hall to the nation-state operator oceans away. I'm going to share some key areas you need to be aware of when preparing for an EK-driven attack.Read More
The disappearance of Angler has left a gaping hole in the malware market which cybercriminals are only to happy to fill with new variants of old standbys. The latest to reemerge after a period of disuse are Locky and Dridex. A new Locky campaign spotted in the wild on June 20 is analyzed by Pierluigi Paganini on the Security Affairs site. Now a bigger and badder Dridex has reappeared, with more sophisticated evasion tactics, including a new sandbox evasion technique.Read More
Subscribe to our blog
Stay in the loop with industry insight, cyber security trends, and cyber attack information and company updates.