CYBER NEWS

Angler EK Now Distributes CryptXXX Ransomware and Bedep Malware


Cyber criminals are constantly reinventing well-established methods to attack unsuspecting users. One of the most common attack paths is through compromised websites. Once the user has landed on such a website, he will encounter an exploit kit, and eventually a piece of malware (such as ransomware) will be downloaded onto his computer.

This is how attack scenarios that involve exploit kits usually go. However, the starting point of the infection can be different, and this is where cyber criminals improvise. One of the latest EK attacks, analyzed by researchers at Malwarebytes, displays a new sneaky trick performed on Joomla and WordPress websites. The newly discovered malicious intrusion involves the implementation of malicious social sharing buttons and the infamous Angler exploit kit. The payload of the operation is either Bedep or another form of malware.

Learn more about Bedep Malware

On the other hand, Proofpoint researchers just analyzed a new piece of ransomware, CryptXXX, spread through Bedep after initial infection via Angler. It’s quite likely that the two malicious operations are in the hands of the same threat actors. More information on CryptXXX.

How Is the “Social Button” Attack Carried Out?

Security researchers say that this attack is quite unique, as it didn’t employ known methods such as direct malicious injections of the landing URL inside the source code of the compromised website. Instead, cyber criminals used a domain name to trick website owners into believing that the following is part of social plugins: socialbutton[.]local. As you know, such buttons enable users to interact (like, share, etc.) with the content on a website.

Once a WordPress or Joomla website is “acquired” by the cyber criminals, malicious JavaScript is added to the website’s source code. The attack is done in a manner that disguises the malicious code and makes it look like a social plugin. Even during inspection, webmasters will most likely remain unsuspecting of the malicious activities.

What happens next? If the file is accessed via the browser, no malicious code will be produced. However, when a user visits a compromised website, the code will load into his browser and will then be replaced by malicious code.

Once this is done, the user will be redirected multiple times and will land on a page that hosts Angler.
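A webmaster-side check for the disguise described above, as an added example that is not from the original article or the researchers' analysis: since the injected tag looks like a social plugin and the remote file produces no malicious code when opened in a browser on its own, the script ignores file contents and instead flags every external script host that is not on an explicit allowlist. The allowlist, the site hostname and the sample HTML (with `socialbutton.example` standing in for the reported domain) are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the only third-party hosts this site deliberately loads scripts from.
ALLOWED_SCRIPT_HOSTS = {"platform.twitter.com", "connect.facebook.net"}
# Assumption: the site's own hostname (constructed for this example).
SITE_HOST = "blog.example.com"

# Constructed sample page: two genuine widgets, one local script, one look-alike.
SAMPLE_PAGE = """
<html><head>
<script src="/wp-includes/js/jquery/jquery.js"></script>
<script async src="https://platform.twitter.com/widgets.js"></script>
<script src="//CONNECT.FACEBOOK.NET/en_US/sdk.js"></script>
<script type="text/javascript" src="http://socialbutton.example/js/button.js"></script>
</head><body>post</body></html>
"""


class ScriptSrcCollector(HTMLParser):
    """Collect the src attribute of every <script> tag in a page."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src.strip())


def unexpected_script_hosts(html, site_host=SITE_HOST, allowed=ALLOWED_SCRIPT_HOSTS):
    """Return the sorted external script hosts that are not on the allowlist."""
    collector = ScriptSrcCollector()
    collector.feed(html)
    flagged = set()
    for src in collector.sources:
        # urlsplit handles absolute and protocol-relative (//host/path) URLs;
        # relative paths have no hostname and are same-origin, so they are skipped.
        host = urlsplit(src).hostname
        if host and host != site_host and host not in allowed:
            flagged.add(host)
    return sorted(flagged)


if __name__ == "__main__":
    for host in unexpected_script_hosts(SAMPLE_PAGE):
        print("unexpected script host:", host)
```

Run against rendered pages and theme or template files alike; any flagged host should be traced back to the plugin or edit that introduced it.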

How to Stay Protected against Exploit Kits and Malware

To no one's surprise, the best way to stay protected against malicious attacks and their payloads is to keep all software up to date, including WordPress, your browsers and all apps running on your system. Don’t forget that WordPress and other CMSs are often targeted by cyber criminals. If you have many applications, you can rely on one free and easy-to-use program that will make sure all of your software is updated:

Flexera (Secunia) Personal Software Inspector Review

Another important aspect of online security is maintaining a strong anti-malware program to shield you against the various cyber threats lurking in unsuspected (online) places.


Milena Dimitrova
