New Fallout Exploit Kit Drops GandCrab Ransomware or Redirects to PUPs

Discussion in '0-day Release' started by silversurfer, Sep 7, 2018.

  1. silversurfer

    silversurfer Malware Tester Silver Member

    A new exploit kit called Fallout is being used to distribute the GandCrab ransomware, malware downloading Trojans, and other potentially unwanted programs (PUPs).

    First discovered by security researcher nao_sec at the end of August 2018, this kit is installed on hacked sites and will attempt to exploit vulnerabilities on a visitor's computer. The exploited vulnerabilities are for Adobe Flash Player (CVE-2018-4878) and the Windows VBScript engine (CVE-2018-8174).

    When Nao_sec discovered the exploit kit it was downloading and installing SmokeLoader, which is a malware infection that downloads other malware. At that time it was downloading and installing CoalaBot and another unidentified malware.

    In a report released today by FireEye, the Fallout Exploit Kit has been observed installing the GandCrab Ransomware on Windows machines and for macOS users will redirect visitors to pages promoting fake antivirus software or fake Adobe Flash Players.

    jasonX and RGiskardR like this.
  2. Google Adsense

Share This Page