Malware News Cosmos Bank website compromised with RIG Exploit Kit which drops Cerber Ransomware

Captain Awesome · Mar 24, 2017

Compromising popular websites has become a common strategy for attackers to spread infection in a widespread fashion. Attackers exploit unpatched vulnerabilities present on web servers in order to compromise websites. In addition to this, brute forcing login credentials for web admin consoles or FTPs (File Transfer Protocol) is also a preferred way for attackers to gain illegal access to web servers. By using all such techniques, attackers compromise websites and redirect users to other malicious websites.

Read More:Cosmos Bank website compromised with RIG Exploit Kit which drops Cerber Ransomware - Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice

Solarquest · Mar 24, 2017

Thanks for sharing!
Interesting...
according to quickheal the rig landing page should be 185.158......
VT=1/64
Scan report for http://185.158.153.111/ at 2017-03-24 18:00:07 UTC - VirusTotal

using the http:// link
VT= 6/64
Scan report for http://rew.bdwtesting.net/ at 2017-03-24 18:00:49 UTC - VirusTotal

Search

Malware News Cosmos Bank website compromised with RIG Exploit Kit which drops Cerber Ransomware

Captain Awesome

Level 24

Solarquest

Moderator

Similar threads