Thursday, April 9, 15:18

Exploit kits target Windows users with Ransomware and Trojans

In the last few days, four new malicious campaigns have surfaced that redirect users to exploit kits in order to install Trojans and ransomware on their devices.

The malicious campaigns were discovered by the expert nao_sec and are distributed through malvertising, which redirects visitors to exploit kit landing pages. These landing pages are usually hosted on compromised sites.

When a user visits one of these sites, the exploit kit tries to take advantage of vulnerabilities in their browser to install a malicious program.

The GrandSoft exploit kit installs the Ramnit trojan, as discovered by nao_sec last Saturday.

Ramnit is a password-stealing trojan that attempts to steal stored login credentials, online banking credentials, FTP accounts, browser history and more from its victims.

The exploit kit Rig installs Amadey and a clipboard hijacker.

On Sunday, nao_sec uncovered another malware campaign, which redirects users to the Rig exploit kit. The kit targets CVE-2018-15982 (Flash Player), CVE-2018-8174 (Microsoft Internet Explorer VBScript Engine) and other vulnerabilities to infect users with malware.

When nao_sec discovered this campaign, it was installing clipboard hijackers, which monitor the Windows clipboard for addresses and replace any they find with addresses under the attacker's control. This is used to steal money that users believe they are sending to legitimate addresses when making purchases.

The Fallout exploit kit installs a clipboard hijacker

Earlier today, nao_sec discovered Fallout, which targets CVE-2018-8174 (Microsoft Internet Explorer VBScript Engine) and CVE-2018-15982 (Flash Player) vulnerabilities.

Finally, nao_sec discovered another malicious campaign involving the Radio exploit kit, which installs Nemty Ransomware. Nemty targets the CVE-2016-0189 vulnerability in JScript and VBScript for Internet Explorer, which Microsoft fixed in 2016.

How can you protect yourself?

In order for an exploit kit to work, it needs to identify vulnerabilities to exploit.

Therefore, your best defense is to make sure you always have the latest security updates installed, both for your operating system and for any software you have installed.

When focusing on software updates, it's important to update the programs that interact with a browser to add features, such as Adobe Flash, PDF readers and similar programs.

Absent Mia