Angler, currently considered the most sophisticated and most successful exploit kit, has been observed delivering Flash and Silverlight exploits capable of evading Microsoft’s Enhanced Mitigation Experience Toolkit.
Microsoft EMET is a tool designed to make it more difficult, expensive and time-consuming for attackers to exploit vulnerabilities on Windows systems. However, researchers have on numerous occasions disclosed methods that can be used to bypass EMET protections, and malicious actors have now also found ways to evade the security tool. In the attacks analyzed by FireEye, cybercriminals used these mitigation bypasses to deliver TeslaCrypt ransomware.
Security researchers from Malwarebytes uncovered today a new trick used by malware distributors, who rely on sneaky domain names to fool webmasters into thinking that malicious code that mysteriously appeared on their site is responsible for powering a social sharing button.
Tens of thousands of Web browsers may have been exposed to ransomware and other malware over the last few days after malicious advertisements appeared on high-profile websites.
The malicious advertisements are connected to servers hosting the Angler exploit kit, a software package that probes a computer for software vulnerabilities in order to deliver malware. Security vendor Trustwave wrote that it also detected a large Angler-related malvertising campaign. It wasn't immediately clear if both vendors were writing about the same campaign. The campaign delivered a backdoor, which allows an attacker to place other malware on a computer.
Cybercrooks have been caught running booby-trapped ads on Skype to redirect users towards an Angler exploit kit trap. The tactic, part of a broader malvertising campaign, shows that users can be exposed to malicious ads pushing ransomware and other crud without even using a browser-based app, the most common exploit route.
Security researchers at F-Secure uncovered the role of Skype in helping to push a malvertising campaign launched via the AppNexus ad platform. The same malvertising campaign also featured poisoned ads on various websites, including shopping sites, gaming forums, news sites, and internet portals.
Just as before, the ad network guilty of showing these malicious ads is AdSpirit, the same ad network abused in August to show malverts on MSN, Weather.com, Wunderground, and The Drudge Report. The difference, this time, is that advertisers were using the Neutrino and RIG exploit kits, instead of Angler.
Malicious actors are moving away from using the Angler exploit kit, a trend observed since the beginning of the year. This may have something to do with the fact that Angler was last year's most used exploit kit, and many cyber-security vendors have focused their efforts on detecting its presence on Web pages.
You should be very careful while visiting websites on the Internet because you could be hit by a new upgrade to the World's worst Exploit Kit – Angler, which lets hackers develop and conduct their own drive-by attacks on visitors' computers with relative ease.
Many poorly-secured websites are targeting Windows users with a new "Cocktail" of malware that steals users' passwords before locking them out from their machines for ransom. Yes, stealing Windows users' passwords before encrypting their data and locking their PCs for ransom makes this upgrade to the Angler Exploit Kit nastier. Here's How the New Threat Works: