Blog | G5 Cyber Security

Spelevo exploit kit debuts new social engineering trick

Threat actors are launching the Spelevo exploit kit with a decoy adult site, social engineering users into downloading a malicious video player. The fake video player turns out to be Qbot/Qakbot, which is also one of the payloads distributed by the exploit kit. In one campaign, we saw a malvertising attack on a site that draws close to 50 million visitors a month. Victims were already engaged with the content and may not even realize that an exploitation attempt just happened. Malvertising campaigns are placed on tier 2 adult websites that still drive a lot of traffic.”]

Source: https://blog.malwarebytes.com/threat-analysis/2019/12/spelevo-exploit-kit-debuts-new-social-engineering-trick/

Exit mobile version