Fox stealer: another Pony Fork
Gift for SweetTail-Fox-mlp by Mad-N-Monstrous
Small data drop about another Pony fork: Fox stealer. First sample of this malware I saw was at the beginning of September 2016 thanks to Malc0de. After...
RIG evolves, Neutrino waves goodbye, Empire Pack appears
Around the middle of August many infection chains transitioned to RIG with more geo-focused bankers and less CryptXXX (CryptMic) Ransomware.
Picture 1: Select Drive-by landscape - Middle of August...
CVE-2016-7200 & CVE-2016-7201 (Edge) and Exploit Kits
CVE-2016-7200 & CVE-2016-7201 are vulnerabilities in the Chakra JavaScript scripting engine in Microsoft Edge. Reported by Natalie Silvanovich of Google Project Zero, those have been fixed in...
Bye Empire, Hello Nebula Exploit Kit.
Nebula Logo
While Empire (RIG-E) disappeared at the end of December after 4 months of activity (Illustration of the last month of witnessed Activity for Empire), on 2017-02-17 an advert for a new exploit...
CoalaBot : http Ddos Bot
CoalaBot appears to be built on August Stealer code (Panel and Traffic are really alike). I found it spread as a task in a Betabot and in an Andromeda spread via RIG fed by at least one HilltopAds...