image Source: Pexels.com
Cyber criminals are constantly reinventing well-established methods to attack unsuspecting users. Um dos mais caminhos de ataque comum é através de sites comprometidos. Uma vez que o usuário tenha desembarcado em tal website um, he will then encounter an exploit kit, and eventually a piece of malware (como ransomware) will be downloaded onto his computer.
This is how attack scenarios that involve exploit kits usually go. Contudo, the place of initiation of the infection can be different, and this is where cyber criminals improvise. One of the latest EK attacks, analyzed by researchers at Malwarebytes, displays a new sneaky trick performed on Joomla and WordPress websites. The newly discovered malicious intrusion involves the implementation of malicious social sharing buttons and the infamous Angler exploit kit. The payload of the operation is either Bedep or another form of malware.
Aprender mais sobre Bedep Malware
Por outro lado, Proofpoint researchers just analyzed a new ransomware piece – CryptXXX – spread through Bedep after initial infection via Angler. It’s quite likely that the two malicious malicious operations are in the hands of the same threat actors. More information on CryptXXX.
How Is the “Social Button” Attack Carried Out?
Security researchers say that this attack is quite unique, as it didn’t employ known methods such as direct malicious injections of the landing URL inside the source code of the compromised website. Em vez de, cyber criminals used a domain name to trick website owners into believing that the following is part of social plugins: socialbutton[.]local. As you know, such buttons enable users to interact (gostar, compartilhar, etc.) with the content on a website.
O que acontece depois? If the file is accessed via the browser, no malicious code will be produced. Contudo, when the user visits a compromised website, the code will load into his browser and will then be replaced by a malicious one.
Uma vez feito isso, the user will be redirected multiple times and will land on a page that hosts Angler.
How to Stay Protected against Exploit Kits and Malware
Para ninguém de surpresa, the best way to stay protected against malicious attacks and their payloads is keeping all software up-to-date, incluindo WordPress, your browsers and all apps running on your system. Don’t forget that WordPress and other CMS are often targeted by cyber criminals. If you have many applications, you can rely on one free and easy-to-use program that will make sure all of your software is updated:
Another important aspect of online security is sustaining a strong anti-malware program to shield you against the various cyber threats lurking in unsuspected (conectados) locais.
digitalizador Spy Hunter só irá detectar a ameaça. Se você quiser a ameaça de ser removido automaticamente, você precisa comprar a versão completa da ferramenta anti-malware.Saiba Mais Sobre SpyHunter Anti-Malware Ferramenta / Como desinstalar o SpyHunter