1,300 Harbor cloud storage vulnerable to attack: Update immediately!
infosec

1,300 Harbor cloud storage vulnerable to attack: Update immediately!

Researchers from Palo Alto Networks' Unit 42 have discovered a critical vulnerability in a popular open source cloud system.
Read More
infosec

TOP virus scan to safely scan a suspicious email attachment

Normally we all have antivirus software that resides on our computers to protect data files from malicious ...
Read More
infosec

WannaCry ransomware continues to invade computers

The infamous WannaCry ransomware that became known in May on 2017 continues to invade computers. Findings are coming today ...
Read More
infosec

Albanian gangs use cryptocurrencies for money laundering

UK police are particularly concerned as 'famous' Albanian gangs, involved in cocaine circuits, are now using ...
Read More
infosec

Germany's digital frontier for cyberattacks!

Germany is in the process of developing a new cybersecurity strategy that will introduce digital borders in the event of a particularly aggressive cyberattack.
Read More
Latest Posts

Exploit kits target Windows users with Ransomware and Trojans

In the last few days, four new malicious campaigns have surfaced, redirecting users to exploit kits, in order to install programs Trojan and ransomware on their devices.

The malicious campaigns were discovered by the expert nao_sec and distributed through malvertising, which redirects visitors to pages of exploit kits. These landing pages are usually hosted on damaged sites.

When a user visits one of these sites, teased exploit kits try to take advantage of them. vulnerabilities of their browser to install a malicious program.

The GrandSoft exploit kit installs the Ramnit trojan, as discovered by nao_sec last Saturday.

Ramnit is a password theft trojan that attempts to steal stored login credentials, online bank credentials, FTP accounts, browser history and many more from its victims.

The exploit kit Rig installs Amadey and a clipboard hijacker.

Nao_sec unveiled another malware campaign on Sunday, redirecting users to the exploit kit Rig. This targets CVE-2018-15982 (Flash Player), CVE-2018-8174 (Microsoft Internet Explorer VBScript Engine) and other vulnerabilities to infect users with malware.

When nao_sec discovered this campaign, he was installing clipboard hijackers, who monitor the Windows clipboard for addresses and replace anything they find with the addresses under his control. This is used to steal money that users believe they send to legitimate addresses when making purchases.

The Fallout exploit kit installs a clipboard hijacker

Earlier today, nao_sec discovered Fallout, which targets CVE-2018-8174 (Microsoft Internet Explorer VBScript Engine) and CVE-2018-15982 (Flash Player) vulnerabilities.

Finally, nao_sec discovered another malicious campaign in the Radio exploit kit, which installs Nemty Ransomware. Nemty targets the CVE-2016-0189 vulnerability in JScript and VBScript for Internet Explorer, which Microsoft fixed for 2016.

How will you protect yourself?

In order for an exploit kit to work, it needs to identify vulnerabilities to exploit.

Therefore, your best defense is to make sure you've always installed the latest security updates, both for your operating system and for any software you have installed.

When focusing on software updates, it's important to update the programs that interact with a browser to add additional features, such as Adobe Flash, PDF Readers and similar programs.

Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by
Absent Mia

About Absent Mia

Being your self, in a world that constantly tries to change you, is your greatest achievement

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *