menu

Contact Us

1 (800) 723-1166 |

Exploit

HomeExploit
HomeExploit

Zeus Panda Delivered By Sundown - Targets UK Banks

Last week we noticed that Sundown Exploit Kit (EK) was distributing a banking trojan. Upon further investigation we discovered that the banking trojan was a new version of Zeus Panda. This malware has previously been delivered by the Angler, Nuclear and Neutrino EKs.

Uncovering A Malicious Traffic Direction System (Blackhat-TDS)

Recently an actor has been using domains like realstatistics[.]info to direct users to exploit kits. These domains are injected as scripts into compromised websites, resulting in drive-by attacks on browsers. The domains are used as Traffic Direction Systems (TDS) which determine whether or not a target is of interest and should be sent to the malicious site or not.

RIG Exploit Kit Makes A Sprash In Russia

The very popular Russian site Sprashivai[.]ru has been compromised and is silently redirecting users to the RIG Exploit Kit (EK). During our analysis we saw RIG EK drop the SmokeLoader (aka Dofoil) malware.

Highly Popular Anime Site Jkanime Compromised - Redirecting Users to Neutrino EK

On June 20, 2016 the popular anime site Jkanime was injected with malicious code that was silently redirecting users to Neutrino Exploit Kit (EK). During our analysis Neutrino EK dropped and executed the CryptXXX 3.0 crypto-ransomware, and we were requested to pay 1.2 BitCoin (approximately $888 USD) in order to get our files back.

Pages