Tag: exploit kit

  • Exploit kit requires link to be clicked before redirection

    Automatic analysis of malicious payloads becomes a little bit harder again. A security researcher at ESET has discovered how a malicious site serving the Angler exploit kit prevents automatic analysis by making a user click a link before being redirected to the exploit kit. Having spent many hours during the past two years building a…

  • Php.net compromised to serve malware

    Researchers initially believed Google warning was a false positive. For a few days this week, the popular php.net website was serving malware to some of its visitors and was doing so in a stealthy way that initially confused researchers. There may be thousands and possibly millions of malicious websites on the Internet, but when you…

  • PayPal spam leads to exploit kit

    Clicking on links leads to Blackhole rather than phishing site. Fake PayPal receipts were being spammed out this morning, with links leading to a version of the Blackhole exploit kit. The emails look like typical PayPal confirmation emails and suggest that funds have been sent from the user’s account. The supposed recipient of these funds…

  • 200-fold increase in HTML-attachment spam

    Cutwail botnet likely behind campaign that sends users to Phoenix exploit kit. Researchers at M86 have reported a significant increase in the amount of spam sent with malicious HTML attachments, the volume of which on some days was 200 times that on the first day of the year. HTML, the mark-up language used to create…

  • Recently discovered Java vulnerability being added to exploit kit

    Kit ‘patched’ to include latest exploit; users urged to patch their software too. Security researcher and journalist Brian Krebs has found evidence that a recently discovered vulnerability in Java is being added to the ‘BlackHole’ exploit kit. The vulnerability was discovered a few weeks ago and makes use of the Rhino Script Engine to run…

  • Exploit kit targets customers of air travel websites

    SpyEye configuration intercepts personal data submitted to legitimate websites. Security researchers have uncovered a version of the ‘SpyEye’ trojan that steals credit card and bank account details from visitors of two air travel websites. SpyEye, like ‘Zeus’ (which some researchers believe it is related to), is an advanced exploit kit whose ‘customers’ can configure…