Poweliks is an infection that runs without a filesystem object, completely from the registry and memory using rundll32.exe, JavaScript and a…
Tag: exploit
Tech Support website infects your computer before you even dial in
If you ever need help with your computer you may be interested in remote tech support. As we have written many…
Google’s DoubleClick ad network abused once again in malvertising attacks
Last week we uncovered a large-scale malvertising attack involving Google’s DoubleClick and Zedo that affected many high-profile sites. Unfortunately, another incident…
Fileless Infections from Exploit Kit: An Overview
The exploit kit landscape is constantly changing and forcing security researchers to up their game. There was a time when payloads…
‘Flash EK’ skips landing page, goes Flash all the way
We came across a strange new exploitation pattern recently where the payload appeared to be distributed without going through the typical process….
Malvertising hits ‘The Times of Israel’ and ‘The Jerusalem Post’, redirects to Nuclear Exploit Kit
The Times of Israel is a popular online newspaper available in several different languages with a majority of readers from the…
Popular Japanese blog platform affected by malicious redirections
Our honeypots caught drive-by downloads that appeared to stem from Ameba, a popular Japanese blogging and social networking site. Upon further…
Shining some light on the ‘Unknown’ Exploit Kit
Every now and again we come across new URL patterns when investigating traffic captures. In some cases, they are variations of existing…
Convincing YouTube look-alike fires RIG Exploit Kit
The lure of salacious videos is often used to trick people into downloading and running malware. As you will see in…
Sub-domain on SourceForge redirects to Flash Pack Exploit Kit
We have talked about SourceForge before on this blog, in particular when they were associated with bundled software. This time around,…