Tags » Malvertising

ipfilterX Codename Kernel

>Date 19/05/2017

>UPDATES:

-Blocked Threats:
-Updated Threats: [1]
-IP Added Record: [+69K]
-Deleted:(11)
-Merged/Extended:

>COUNTRIES INVOLVED:

>Parsed lines/entries:23K Found IP ranges:23K Duplicate:0 Merged:0 Time:0 secs…

HookAds Malvertising Campaign Leads to RIG EK at 185.154.53.33, Drops LatentBot

IOCs

Network Traffic:

  • 80.77.82.41 – nairolonia.info – Pre-landing page
  • 185.154.53.33 – post.divakarshenoy.com – RIG EK
  • 23.249.162.164 – GET /Base64 encoded URI string…

Seamless Malvertising Campaign Leads to RIG EK at 185.154.53.33 and Drops Ramnit

IOCs

HTTP Traffic:

  • 185.31.160.55 – GET /flow339.php – Seamless campaign redirector
  • 185.154.53.33 – new.cloudarchieve.com – RIG EK

Seamless Malvertising Campaign Still Leading to RIG EK and Dropping Ramnit

On May 10th, 2017, the Twitter user thlnk3r sent a Tweet with a referer for the seamless campaign:

I decided to investigate the traffic from his tweet and proceeded to use the php file hosted at 185.31.160.55 as my referer.


How tech support scammers have made millions of dollars

Ahhh, the sweet smell of revenge! Nothing like unleashing some ransomware on those tech support scammers, eh?

However, fortunately for them, there aren’t hours enough in the day to turn the tables on the swindlers and social-engineer their pants off.


Hacked Sites Redirecting Users to Various Malvertising Campaigns

I had somebody contact me via my Contact page saying that they found my post on the Seamless campaign leading to RIG exploit kit. They had told me that they had received an email with the following link multitaskcleaners[.]co[.]uk/giftwrap.php?1702.


Malvertising Campaign Leading to RIG Exploit Kit Dropping Ramnit Banking Trojan

On April 5th, 2017, the Twitter user thlnk3r sent a message to Brad and myself about a malvertising chain using onclkds.com to redirect hosts to RIG exploit kit.
