Fake Spectre and Meltdown patch pushes Smoke Loader malware
German users are being targeted with a rogue patch for the recently announced Meltdown and Spectre flaws.
Terror exploit kit goes HTTPS all the way
A look at some techniques used by the Terror exploit kit to evade traffic-based detection.
New-looking Sundown EK drops Smoke Loader, Kronos banker
In this post we take a quick glance at some changes made to the Sundown exploit kit. The landing page has been tweaked and uses various obfuscation techniques. Sundown is used in some smaller campaigns and in this particular case dropped a downloader followed by a banking Trojan.
Smoke Loader – downloader with a smokescreen still alive
This time we will have a look at another payload from recent RIG EK campaign. It is Smoke Loader (also known as Dofoil), a bot created several years ago. One of its early versions was advertised on the black marker in 2011.