Friday, 13 May 2016
On 01:37 by admin
Pathé, a major French film production and distribution company, is serving ransomware via one of its websites, pathe[.]fr. The film company has a rich history that predates Universal Studios and Paramount Pictures, and is famous for inventing the newsreel in 1908.
We detected that the server hosting pathe[.]fr was compromised: malicious code embedded in its pages automatically redirects unsuspecting visitors to the Angler exploit kit.
Angler serves its own ransomware, dubbed CryptXXX, which recently received an update to defeat an existing decryption tool that could once restore files to their original non-encrypted state. In addition, the ransomware now prevents the user from using their computer at all by locking the desktop with a fullscreen ransom note.
Traffic flow:
[Figure: Fiddler capture]
Malwarebytes Anti-Exploit stops this attack:
We have alerted the film company, but we recommend that people avoid visiting the site for the moment and run exploit mitigation software to defend against drive-by download attacks.