The Spelevo exploit kit was spotted by security researchers while infecting victims with Maze Ransomware payloads via a new malicious campaign that exploits a Flash Player. Maze Ransomware, a variant of Chacha Ransomware, was initially found by Malwarebytes security researcher Jérôme Segura in May.
The researcher found that the ransomware was being distributed using the Fallout exploit kit via a fake site camouflaged as a legitimate cryptocurrency exchange app. Segura told BleepingComputer that the attackers created a fake Abra cryptocurrency site to buy ad network traffic which was later used to redirect visitors to the exploit kit landing page under certain conditions.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
