Wednesday, January 20, 11:21
Home security Exploit kits target Windows users with Ransomware and Trojans

Exploit kits target Windows users with Ransomware and Trojans

In the last few days, four new malicious campaigns have surfaced, redirecting users to exploit kits, in order to install programs Trojan and ransomware on their devices.

The malicious campaigns were discovered by the expert nao_sec and distributed through malvertising, which redirects visitors to pages of exploit kits. These landing pages are usually hosted on damaged sites.

When a user visits one of these sites, teased exploit kits try to take advantage of them. vulnerabilities of their browser to install a malicious program.

The GrandSoft exploit kit installs the Ramnit trojan, as discovered by nao_sec last Saturday.

Ramnit is a password theft trojan that attempts to steal stored login credentials, online bank credentials, FTP accounts, browser history and many more from its victims.

The exploit kit Rig installs Amadey and a clipboard hijacker.

Nao_sec unveiled another malware campaign on Sunday, redirecting users to the exploit kit Rig. This targets CVE-2018-15982 (Flash Player), CVE-2018-8174 (Microsoft Internet Explorer VBScript Engine) and other vulnerabilities to infect users with malware.

When nao_sec discovered this campaign, he was installing clipboard hijackers, who monitor the Windows clipboard for addresses and replace anything they find with the addresses under his control. This is used to steal money that users believe they send to legitimate addresses when making purchases.

The Fallout exploit kit installs a clipboard hijacker

Earlier today, nao_sec discovered Fallout, which targets CVE-2018-8174 (Microsoft Internet Explorer VBScript Engine) and CVE-2018-15982 (Flash Player) vulnerabilities.

Finally, nao_sec discovered another malicious campaign in the Radio exploit kit, which installs Nemty Ransomware. Nemty targets the CVE-2016-0189 vulnerability in JScript and VBScript for Internet Explorer, which Microsoft fixed for 2016.

How will you protect yourself?

In order for an exploit kit to work, it needs to identify vulnerabilities to exploit.

Therefore, your best defense is to make sure you've always installed the latest security updates, both for your operating system and for any software you have installed.

When focusing on software updates, it's important to update the programs that interact with a browser to add additional features, such as Adobe Flash, PDF Readers and similar programs.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

00:02:05

AI: How the imitation of the human brain enhances its technology

https://www.youtube.com/watch?v=ATvc1tbYFi4 Η τεχνολογία AI έχει καταφέρει εντυπωσιακά πράγματα έως τώρα, όμως χρειάζεται μεγάλο όγκο δεδομένων προκειμένου να...

Malwarebytes: SolarWinds hacked by cyber attackers!

Malwarebytes said it had been hacked by the same hacking team that allegedly "hit" software company SolarWinds. However, he clarified that ...

Bugs in Messenger, Signal, Google Duo allowed spying

Security researcher found bugs in popular, mobile video conferencing and chat applications that allowed potential attackers to hear sounds and receive ...

Trump: US cloud providers will file foreign customers

The most controversial president of the United States, Donald Trump, signed an executive order shortly before his departure, which obliges the ...

Tesla: Seeks man to help Musk handle Twitter complaints

It has been reported that Tesla no longer has a public relations department to handle questions from journalists. It seems, however, that it is necessary ...

Chinese team hacking behind theft of passenger data

In recent years, a Chinese hacking team is believed to be behind dozens of attacks on airlines in order to ...
00:02:49

The creator of PUBG is planning an IPO worth $ 27,2 billion!

https://www.youtube.com/watch?v=ZE1qwCJCXl0 Ο δημιουργός του PUBG, Kim Chang-han, σχεδιάζει IPO (Αρχική Δημόσια Προσφορά ή εισαγωγή στο χρηματιστήριο) η...

Slack: How to turn off automatic conversion to Emoji

Emoji are everywhere now. In many applications - such as Slack - you can not type a simple emoticon based on ...

Malware FreakOut: Infects "Linux hosts" that run vulnerable software

An active malicious campaign is currently targeting critical Linux devices running software. Its purpose is to infect ...
00:02:10

Facebook Messenger vs WhatsApp: Which is worse for privacy?

In recent days, WhatsApp has been at the center of discussions, due to issues that have arisen regarding the privacy of ...