RIG Archives

This post was authored by Vasilios Hioueras and Jérôme SeguraUpdate (2018-04-16): Magnitude EK has switched from Magniber to GandCrab.Update (2018-02-28): Major development with…

Update (2017-12-05): We noted some malvertising chains using a new domain name (newadultthem[.]info) also hosted on the same IP address as…

In this edition of the Malwarebytes Cybercrime Tactics and Techniques report for the third quarter of 2017, we saw a number…

Last week, we looked at what actions Kronos can perform in the final installment of a 2-part post. We also dived…

We have identified a new drive-by download campaign that distributes the Princess ransomware (AKA PrincessLocker), leveraging compromised websites and the RIG…

The second quarter of 2017 brought ransomware to unprecedented levels with worldwide outbreaks that went almost out of control. In scenarios…

Given the recent renewed attention about ‘RoughTed’ and Kafeine‘s tweet, we wanted to clarify that RoughTed and associated domains are in fact part…

We have been witnessing a series of malvertising attacks that keep a low profile with decoy websites and strong IP address filtering….

Over the last few days we have observed an increase in malvertising activity coming from adult websites that have significant traffic (several million…