The HookAds malvertising campaign

In this post we take a look at a malvertising campaign that we traced back to late August and that is targeting adult traffic. While initially pushing the Neutrino exploit kit, it switched to RIG EK in September. We estimate that at least one million visitors to adult websites were exposed to this particular campaign.

Read more

A week in security (Oct 16 – Oct 22)

A compilation of notable security news and blog posts from the 16th of October to the 22nd. This week, we reported about a Facebook hoax, a noteworthy DDoS attack, ransomware, and exploit kit campaigns. We also made several company announcements.

Read more

Yet another Sundown EK variant? (updated)

The Sundown exploit kit is keeping us busy by switching from one variant to the next. This latest one clearly was inspired by the original source code and we take the time to explore it a little bit more.

Read more

New-looking Sundown EK drops Smoke Loader, Kronos banker

In this post we take a quick glance at some changes made to the Sundown exploit kit. The landing page has been tweaked and uses various obfuscation techniques. Sundown is used in some smaller campaigns and in this particular case dropped a downloader followed by a banking Trojan.

Read more

A week in security (Sep 25 – Oct 01)

A compilation of notable security news and blog posts from September 25th to October 1st. This week, we discussed Komplex, that new Snap eyewear, a fake browser extension, more malvertising campaigns, and some little known truths about spoofing file extensions.

Read more

Select your language