Hidden Bee miner delivered via improved drive-by download toolkit

A drive-by download attack trying to exploit CVE-2018-4878, a vulnerability in Flash Player. The payload served in this campaign is not a standard PE file. Instead, it is a multiple-stage custom executable format acting as a downloader to retrieve LUA scripts used by the threat actors behind the Hidden Bee miner botnet. This was perhaps the first case of a bootkit being used to enslave machines mining cryptocurrencies. The attackers are leveraging malvertising via adult sites to redirect their victims to the exploit kit landing page.”]

Source: https://blog.malwarebytes.com/threat-analysis/2018/07/hidden-bee-miner-delivered-via-improved-drive-by-download-toolkit/

Something Fresh

What to Know About The Jamaica Data Protection Act

St Vincent and the Grenadines embracing CariSECURE

Jamaica's Gov’t Looking to Finalize Data Protection Act Regulations

What People Reading

Feedback and data-driven updates to Googles disclosure policy

RSA: Geolocation shows just how dead privacy is

Intel Confirms Unauthorized Access of Earnings-Related Data

Launching AnonLeaks, Ready To Dump More HBGary E-mails!

Beware these 4 types of IRS scams

Categories

Partners

Just add here your partners image or promo text