Monthly Archives: January 2014

Box.php Fraud Kit

I’ve been researching that fake Adobe Flash update and Neutrino EK redirect that other fine researchers have been writing about:

blog.spiderlabs.com/2014/01/beware-bats-hide-in-your-jquery-.html
blog.sucuri.net/2014/01/website-mesh-networks-distributing-malware.html
www.f-secure.com/weblog/archives/00002659.html
blog.malwarebytes.org/online-security/2014/01/neutrino-delivers-fake-flash-malware-hosted-on-skydrive/

I don’t want to duplicate too much of what they have already covered but here’s what …

Posted in Exploit Packs, Malscript

Sneaky Redirect to Exploit Kit

While I was testing a Pinpoint update, I found a sneaky method to redirect unsuspecting users to Neutrino EK. This one was interesting to me so I thought I would document it here. Here’s the website I visited…looks suspicious already: …

Posted in Exploit Packs, Malscript

Exploit Delivery Networks

Exploit packs are normally set up on a hacker-controlled server. Compromised websites or malicious email links lead unsuspecting users to the drive-by landing page on the server. While this keeps the main control panel, renter’s panel, crypter, statistics, etc. all …

Posted in Exploit Packs

The Resurrection of RedKit

“RedKit” was once a thriving exploit pack, then faded away, leaving behind artifacts on several abandoned hosts which are still triggering broken redirection alerts to this day. Within the past couple of months, however, we are witnessing a deliberate return …

Posted in Exploit Packs

Pinpoint Tool Released

There are many times where I come across a drive-by download, especially malvertisements, and it takes me a while to figure out which file on the compromised website is infected. I wrote Pinpoint to help me find the malicious objects faster …

Posted in Tools