Hacker invaded Wyoming Medical Center
infosec

Hacker invaded Wyoming Medical Center

Hackers invaded Wyoming medical center systems forcing a hospital to cancel some surgeries, stop accepting ...
Read More
infosec

WeWork's WiFi network is leaking sensitive user information

WeWork WiFi vulnerabilities in the Manhattan-based company building which exposed sensitive company data, ...
Read More
infosec

Microsoft: The biggest risk for businesses is cyberattacks

According to a survey by Marsh and Microsoft, the biggest threat to businesses is cyberattacks. Nowadays,...
Read More
infosec

How to fix iOS 13 bugs in iPhone Mail app

If you have upgraded to iOS 13, then you may have discovered that the Mail app behaves a bit weird, which is ...
Read More
infosec

Check if your folders have malware with Windows Defender!

Windows comes with a free antivirus program, called Windows Defender, that offers continuous protection as well as the ability to ...
Read More
Latest Posts

Exploit kits target Windows users with Ransomware and Trojans

In the last few days, four new malicious campaigns have surfaced, redirecting users to exploit kits, in order to install programs Trojan and ransomware on their devices.

The malicious campaigns were discovered by the expert nao_sec and distributed through malvertising, which redirects visitors to pages of exploit kits. These landing pages are usually hosted on damaged sites.

When a user visits one of these sites, teased exploit kits try to take advantage of them. vulnerabilities of their browser to install a malicious program.

The GrandSoft exploit kit installs the Ramnit trojan, as discovered by nao_sec last Saturday.

Ramnit is a password theft trojan that attempts to steal stored login credentials, online bank credentials, FTP accounts, browser history and many more from its victims.

The exploit kit Rig installs Amadey and a clipboard hijacker.

Nao_sec unveiled another malware campaign on Sunday, redirecting users to the exploit kit Rig. This targets CVE-2018-15982 (Flash Player), CVE-2018-8174 (Microsoft Internet Explorer VBScript Engine) and other vulnerabilities to infect users with malware.

When nao_sec discovered this campaign, he was installing clipboard hijackers, who monitor the Windows clipboard for addresses and replace anything they find with the addresses under his control. This is used to steal money that users believe they send to legitimate addresses when making purchases.

The Fallout exploit kit installs a clipboard hijacker

Earlier today, nao_sec discovered Fallout, which targets CVE-2018-8174 (Microsoft Internet Explorer VBScript Engine) and CVE-2018-15982 (Flash Player) vulnerabilities.

Finally, nao_sec discovered another malicious campaign in the Radio exploit kit, which installs Nemty Ransomware. Nemty targets the CVE-2016-0189 vulnerability in JScript and VBScript for Internet Explorer, which Microsoft fixed for 2016.

How will you protect yourself?

In order for an exploit kit to work, it needs to identify vulnerabilities to exploit.

Therefore, your best defense is to make sure you've always installed the latest security updates, both for your operating system and for any software you have installed.

When focusing on software updates, it's important to update the programs that interact with a browser to add additional features, such as Adobe Flash, PDF Readers and similar programs.

How useful was this post?

Average rating / 5. Vote count:

Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by
Absent Mia

About Absent Mia

Being your self, in a world that constantly tries to change you, is your greatest achievement

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *