Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Angler exploit kit and domain shadowing: A deadly combination

Angler exploit kit and domain shadowing: A deadly combination

2015/03/05

Help Net Security - (International) Security researchers at Cisco Talos Group discovered that hackers have created several hundred compromised registrant accounts, which control thousands of unique domains that were typically compromised by phishing campaigns to redirect victims to Web pages that host the Angler Exploit Kit, dubbed Domain Shadowing. The attackers use and quickly abandon the subdomains housing the exploit kit, making detection difficult.

Source: http://www.net-security.org/malware_news.php?id=2980

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:23:37