Hackers are using Nuclear Exploit Kit to Spread Cryptowall 4.0 Ransomware

[Ben10]

Content source

http://thehackernews.com/2015/11/cryptowall-ransomware-malware.html

Cryptowall 4.0 – the newest version of the world's worst Ransomware – has surfaced in the Nuclear exploit kit, one of the most potent exploit kits available in the underground market for hacking into computers.

Now less than a month after its release, Cryptowall 4.0 ransomware has been spotted to be delivered as part of a Nuclear Exploit Kit, according to the security researchers at the SANS Internet Storm Center (ISC).

Until recently, Cryptowall 4.0 has been distributed only via malicious spam and phishing emails, but now it has been infecting machines via an Exploit Kit.

SANS security researcher Brad Duncan wrote in a blog post published Tuesday that a cyber criminal working off domains belonging to Chinese registrar BizCN has been spreading the Cryptowall 4.0 ransomware via the Nuclear Exploit Kit.

Read more : Hackers are using Nuclear Exploit Kit to Spread Cryptowall 4.0 Ransomware - The Hacker News

 

[LabZero]

It seems that the situation is quite serious because if Cryptowall distribution system can now be linked to Nuclear Exploit Kit, the infection mode become more concrete.
Specifically, the poor security level of some sites could cause issues : NEK infection occurs through a malicious iframe spreading malware exploiting a weakness of Adobe Flash. For the user, it would be sufficient to display the site page and silently the malware install itself on the client's computer, unless it is detected by an antivirus ...
At this point, since they increase the attacks based on exploits, I think it is imperative to use an anti-exploit application.