Unit 42

Afraidgate: Major Exploit Kit Campaign Switches from CryptXXX Ransomware Back to Locky

posted on July 29, 2016 10:30 AM

filed in: Malware, Threat Prevention, Unit 42

By mid-July 2016, the Afraidgate campaign stopped distributing CryptXXX ransomware. It is now distributing the “.zepto” variant of Locky. Afraidgate has been using Neutrino exploit kit (EK) to distribute malware after Angler EK disappeared in early June 2016. As we previously reported, this campaign continues to utilize gate domains using name servers from afraid.org.


SpyNote Android Trojan Builder Leaked

posted on July 28, 2016 1:40 PM

filed in: Malware, Threat Prevention, Unit 42

Our team recently discovered a new Android Trojan called SpyNote which facilitates remote spying. The builder, which creates new versions of the malware, recently leaked on several malware discussion forums. SpyNote is similar to OmniRat and DroidJack, which are RATs (remote administration tools) that allow malware owners to gain remote administrative control of an Android device.



Palo Alto Networks Researchers Discover Critical Safari 9.1 Vulnerability

posted on July 27, 2016 5:00 AM

filed in: Threat Prevention, Unit 42

Palo Alto Networks researchers were recently credited with the discovery of an Apple product vulnerability.

Researchers Tongbo Luo and Bo Qu discovered a WebKit vulnerability (CVE-2016-4589) affecting Safari in Apple iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later, and Apple TV (4th generation).


