Exploit kits: fall 2018 review

With a fresh exploit kit in town, the drive-by download landscape shows new signs of life in fall 2018.

Read more

Fake Spectre and Meltdown patch pushes Smoke Loader malware

German users are being targeted with a rogue patch for the recently announced Meltdown and Spectre flaws.

Read more

Terror exploit kit goes HTTPS all the way

A look at some techniques used by the Terror exploit kit to evade traffic-based detection.

Read more

New-looking Sundown EK drops Smoke Loader, Kronos banker

In this post we take a quick glance at some changes made to the Sundown exploit kit. The landing page has been tweaked and uses various obfuscation techniques. Sundown is used in some smaller campaigns and in this particular case dropped a downloader followed by a banking Trojan.

Read more

Smoke Loader – downloader with a smokescreen still alive

This time we will have a look at another payload from recent RIG EK campaign. It is Smoke Loader (also known as Dofoil), a bot created several years ago. One of its early versions was advertised on the black marker in 2011.

Read more

Select your language