The Spelevo exploit kit was spotted by security researchers while infecting victims with Maze Ransomware payloads via a new malicious campaign that exploits a Flash Player. Maze Ransomware, a variant of Chacha Ransomware, was initially found by Malwarebytes security researcher Jérôme Segura in May.
The researcher found that the ransomware was being distributed using the Fallout exploit kit via a fake site camouflaged as a legitimate cryptocurrency exchange app. Segura told BleepingComputer that the attackers created a fake Abra cryptocurrency site to buy ad network traffic which was later used to redirect visitors to the exploit kit landing page under certain conditions.
Experts Comments
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Roger Grimes, Data-driven Defence Evangelist , provides expert commentary at @Information Security Buzz.
"One of the biggest risk factors would be a brand-new website attached to a brand-new DNS entry...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-on-spelevo-exploit-kit-maze-ransomware
Facebook Message
@Roger Grimes, Data-driven Defence Evangelist , provides expert commentary at @Information Security Buzz.
"One of the biggest risk factors would be a brand-new website attached to a brand-new DNS entry...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-on-spelevo-exploit-kit-maze-ransomware