Tags » Malvertising

Cryptocurrency web mining: In union there is profit

In the last months, we stumbled upon some JavaScript files apparently used to mine cryptocurrencies directly within the browser. For a long time now, cybercriminals have taken advantage of cryptocurrency mining in order to make a profit.

Security News

BetaNews: Malvertising continues to rise as tactics change

BetaNews: Malvertising continues to rise as tactics change. “The second quarter of 2017 saw over 18 percent more adverts containing blacklisted content — phishing, scams, exploit kits, and malware — than Q1 according to a new report.

Security & Legal Issues

The Seamless Campaign Isn't Losing Any Steam

Some security researchers on Tuesday had noted that their requests for the Seamless gates were failing. However, if there was any noticeable stoppage, it certainly didn’t last very long.

Seamless Campaign Uses RIG EK to Drop Ramnit Trojan

Below is a partial and edited flowchart of the malvertising chain that I got during this infection:

An edited image of the infection chain is shown below:

Fobos Campaign Using RIG EK to Drop Bunitu Trojan

This campaign has been dubbed “Fobos” because the actors were using the registrant email address fobos@mail.ru. FireEye first published an article back in March 2017, that talked about Fobos in relation to RIG exploit kit called “

Seamless Campaign Uses RIG EK to Drop Ramnit. Ramnit Drops AZORult.

I’m still seeing a lot of Seamless campaign out there. Let’s look at the HTTP requests and DNS queries from my most recent infection:

We start out with the request for /usa, which redirects to /usa/ via a 301.

Rulan Campaign Redirects to RIG EK at 188.225.33.43 and Drops a Miner

Watcha know about Mining!?

Today I was doing some digging (no pun intended) into numerous domains used during recent malvertising redirection chains. These domains appear to be related to a campaign dubbed “Rulan”.