CYBER NEWS

Angler EK Nu Fordeler CryptXXX Ransomware og Bedep Malware

pexels-foto
Image Source: Pexels.com

Cyber criminals are constantly reinventing well-established methods to attack unsuspecting users. En af de mest almindelige angreb stier er gennem kompromitterede hjemmesider. Når brugeren har landet på sådan en hjemmeside, he will then encounter an exploit kit, and eventually a piece of malware (ligesom ransomware) will be downloaded onto his computer.

This is how attack scenarios that involve exploit kits usually go. Men, the place of initiation of the infection can be different, and this is where cyber criminals improvise. One of the latest EK attacks, analyzed by researchers at Malwarebytes, displays a new sneaky trick performed on Joomla and WordPress websites. The newly discovered malicious intrusion involves the implementation of malicious social sharing buttons and the infamous Angler udnytte kit. The payload of the operation is either Bedep or another form of malware.

Lær mere om Bedep Malware

På den anden side, Proofpoint researchers just analyzed a new ransomware piece – CryptXXX – spread through Bedep after initial infection via Angler. It’s quite likely that the two malicious malicious operations are in the hands of the same threat actors. More information on CryptXXX.

How Is theSocial ButtonAttack Carried Out?

Security researchers say that this attack is quite unique, as it didn’t employ known methods such as direct malicious injections of the landing URL inside the source code of the compromised website. I stedet, cyber criminals used a domain name to trick website owners into believing that the following is part of social plugins: socialbutton[.]websted. Som du ved, such buttons enable users to interact (lignende, del, etc.) with the content on a website.

Once a WordPress or Joomla website is “acquired” by the cyber criminals, malicious JavaScript is added to the website’s source code. The attack is done in a manner that disguises the malicious code and makes it look like a social plugin. Even during inspection, webmasters will most likely remain unsuspecting of the malicious activities.

Hvad sker der nu? If the file is accessed via the browser, no malicious code will be produced. Men, when the user visits a compromised website, the code will load into his browser and will then be replaced by a malicious one.

Når dette er gjort, the user will be redirected multiple times and will land on a page that hosts Angler.

How to Stay Protected against Exploit Kits and Malware

Til ingens overraskelse, the best way to stay protected against malicious attacks and their payloads is keeping all software up-to-date, herunder WordPress, your browsers and all apps running on your system. Don’t forget that WordPress and other CMS are often targeted by cyber criminals. If you have many applications, du kan stole på en gratis og nem at bruge program, der vil sikre, at alle dine programmer er opdateret:

Flexera (Secunia) Personal Software Inspector anmeldelse

Another important aspect of online security is sustaining a strong anti-malware program to shield you against the various cyber threats lurking in unsuspected (online) steder.

donload_now_250
Spy Hunter scanner kun detektere trussel. Hvis du ønsker, at truslen skal fjernes automatisk, du nødt til at købe den fulde version af anti-malware værktøj.Læs mere om SpyHunter Anti-Malware værktøj / Sådan fjernes SpyHunter

Milena Dimitrova

Milena Dimitrova

En inspireret forfatter og indhold leder, der har været med SensorsTechForum siden begyndelsen. Fokuseret på brugernes privatliv og malware udvikling, hun tror stærkt på en verden, hvor cybersikkerhed spiller en central rolle. Hvis almindelig sund fornuft giver ingen mening, hun vil være der til at tage noter. Disse noter senere kan blive til artikler! Følg Milena @Milenyim

Flere indlæg

Følg mig:
Twitter

Efterlad en kommentar

Din e-mail-adresse vil ikke blive offentliggjort. Krævede felter er markeret *

Frist er opbrugt. Venligst genindlæse CAPTCHA.

Del på Facebook Del
Loading ...
Del på Twitter Tweet
Loading ...
Del på Google Plus Del
Loading ...
Del på Linkedin Del
Loading ...
Del på Digg Del
Del på Reddit Del
Loading ...
Del på Stumbleupon Del
Loading ...