Anime site redirects into Neutrino exploit kit, CryptXXX ransomwareGraham Cluley #Exploit_KitApril 1, 2019
Neutrino exploit kit?
Why not Angler or Nuclear?
Attackers injected a popular anime site with malicious code that redirected visitors to the Neutrino exploit kit and CryptXXX ransomware.
Whenever a user visited Jkanime, the script automatically ran and loaded up its JS file, which redirected users to a landing page for the Neutrino exploit kit.
Once again, researchers created a decryption tool, and once again, the malware developers updated the ransomware, this time adding a module that allowed the ransomware to steal victims’ passwords .
CryptXXX used to be distributed only by Angler exploit kit.
Clearly, the Neutrino exploit kit (among others) is still active, which is why users need to protect themselves against attacks.
CryptXXX ransomware steals bitcoins and data from infected PCs
Smashing Security podcast
Check out “Smashing Security” , the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.