light bulb

Did You Know?



Reply
Highlighted
Posts: 902
Registered: ‎06-20-2014

Fiesta Exploit Kit Starts Delivering a Double Payload

InfoSecurity August 1, 2014

 

Malware authors are looking for more bang for the buck.

 

The Fiesta exploit kit has apparently learned a new trick, and is dropping two pieces of malware on unsuspecting victims’ machines.

 

“A few days ago, we began noticing a strange new pattern with the Fiesta exploit kit. We were getting a double payload where before only one was delivered,” explained Malwarebytes researcher Jerome Segura, in a blog. “So we decided to check our archives and figure out exactly what happened during the last few days.”

 

Previously, the kit simply used various exploits followed by a single malware drop, whose parent process is Java. In the past two days however, two payloads have started dropping by the Java process. Essentially, Fiesta EK is delivering a double payload from a single URL call. Once downloaded, it is extracted and gives birth to two executables: the Spyware.Zbot.ED and the Trojan.Agent.ED.

 

Full story

 

 

 

 

sig



Experience Shared is Knowledge Shared, Share Yours! I'm a volunteer – my reward is your SMILE!Smiley Very Happy


Helpful Webroot Links:


                         Submit Trouble Ticket • User Guides • BrightCloud URL lookup • Account Console 

Download (PC) • Download (Best Buy/Geek Squad Subscription) • Download (Walmart and Target) • Download (MSN Subscription) 


                                         Register and Introduce yourself to The Community!