Showing results for 
Search instead for 
Did you mean: 
Community Leader

Fiesta Exploit Kit Starts Delivering a Double Payload

InfoSecurity August 1, 2014


Malware authors are looking for more bang for the buck.


The Fiesta exploit kit has apparently learned a new trick, and is dropping two pieces of malware on unsuspecting victims’ machines.


“A few days ago, we began noticing a strange new pattern with the Fiesta exploit kit. We were getting a double payload where before only one was delivered,” explained Malwarebytes researcher Jerome Segura, in a blog. “So we decided to check our archives and figure out exactly what happened during the last few days.”


Previously, the kit simply used various exploits followed by a single malware drop, whose parent process is Java. In the past two days however, two payloads have started dropping by the Java process. Essentially, Fiesta EK is delivering a double payload from a single URL call. Once downloaded, it is extracted and gives birth to two executables: the Spyware.Zbot.ED and the Trojan.Agent.ED.


Full story






Experience Shared is Knowledge Shared, Share Yours! I'm a volunteer – my reward is your SMILE!Smiley Very Happy

Helpful Webroot Links:

                         Submit Trouble Ticket • User Guides • BrightCloud URL lookup • Account Console 

Download (PC) • Download (Best Buy/Geek Squad Subscription) • Download (Walmart and Target) • Download (MSN Subscription) 

                                         Register and Introduce yourself to The Community!