Advertisement
Top

The curious case of a Sundown EK variant dropping a Cryptocurrency Miner

January 9, 2017

Via: Malwarebytes
Category:

We recently encountered an atypical case of Sundown EK in the wild – usually the landing page is obfuscated, but in this case there was plain JavaScript. The exploit was dropping some malicious payloads that we took for further analysis. It turned out that they are also atypical by many means. In this article, we will describe the details of our investigation.

Exploit Kit
This exploit kit has a different serving infrastructure than what we are used to seeing, but it is essentially the same Sundown EK that we know.

Read More on Malwarebytes

RELATED PUBLICATIONS

North Korean Hackers Hijack Antivirus Updates for Malware Delivery
AI set to play key role in future phishing attacks
U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity

Latest Publications

Sweden’s liquor supply severely impacted by ransomware attack on logistics company
Autodesk Drive Abused in Phishing Attacks 
Google fixed critical Chrome vulnerability CVE-2024-4058
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!