Cerber ransomware is being delivered through the Magnitude exploit kit (EK) using an interesting technique, Malwarebytes researchers have discovered. The Magnitude EK uses its own gate, continues to evolve new tricks and techniques to avoid detection, and is notorious for distributing the Cerber ransomware to certain geolocations, such as South Korea. Researchers have noted the EK…
Bad actors have been leveraging a disclosed remote code execution exploit in Apache Struts 2 to launch an evolving array of malicious campaigns, including Cerber ransomware attacks, against machines that still use unpatched versions of the software.
Exploit kits didn't completely hibernate over the winter, but they didn't show many signs of life either, with no major changes to their features and a relatively low infection volume compared to malicious spam, according to Malwarebytes.
The long-lived EITest malware campaign that infects victims through compromised websites evolved once again in the last quarter of 2016, ending its use of exploit kit gates and obfuscation, according to researchers with Palo Alto Networks' Unit 42 threat research team.