CryptoWall 4.0 is being packed into the Angler exploit kit and spreading through a new drive-by download campaign. Researchers at Heimdal Security have found over 200 new domains being used by attackers in the past 24 hours alone. The campaign originates from a hosting environment in the Ukraine, and has thusfar hit websites in Denmark particularly hard — over 100 sites there have been injected with malware. The new attack campaign uses a “stack of drive by campaigns,” that hit the victim with multiple payloads, including the Pony information stealer, the.”]