This will be a quick post as I just wanted to put out some updated IOCs.
“popunder.php” from the HookAds decoy site:
HookAds is still pushing Dreambot via RIG EK. 258 more words
Although there continues to be an overall decrease in EK activity I’m still seeing a decent amount of malvetising leading to EKs. One campaign that I run into a lot is… 963 more words
Malicious malvertising campaigns have taken the world by storm in the last few years, affecting hundreds of thousands of people all over the world.