Magniber Ransomware Wants to Infect Only the Right People
Contents
Magniber Ransomware Wants to Infect Only the Right People
Exploit kit (EK) use has been on the decline since late 2016; however, certain activity remains consistent. The Magnitude Exploit Kit is one such example that continues to affect users, particularly in the APAC region.
In Figure 1, which is based on data gathered in March 2017, we can see the regions affected by Magnitude EK activity during the last three months of 2016 and the first three months of 2017.
This trend continued until late September 2017, when we saw Magnitude EK focus primarily on the APAC region, with a large chunk targeting South Korea. Magnitude EK activity then fell off the radar until Oct. 15, 2017, when it came back and began focusing solely on South Korea. Previously it had been distributing Cerber ransomware, but Cerber distribution has declined (we have also seen a decline of Cerber being distributed via email) and …
Exploit kit (EK) use has been on the decline since late 2016; however, certain activity remains consistent. The Magnitude Exploit Kit is one such example that continues to affect users, particularly in the APAC region.
In Figure 1, which is based on data gathered in March 2017, we can see the regions affected by Magnitude EK activity during the last three months of 2016 and the first three months of 2017.
This trend continued until late September 2017, when we saw Magnitude EK focus primarily on the APAC region, with a large chunk targeting South Korea. Magnitude EK activity then fell off the radar until Oct. 15, 2017, when it came back and began focusing solely on South Korea. Previously it had been distributing Cerber ransomware, but Cerber distribution has declined (we have also seen a decline of Cerber being distributed via email) and …
IoC
dc2a2b84da359881b9df1ec31d03c715
http://2i1f3aadm8k.putback.space
http://3e37i982wb90j.fileice.services
http://4bg8l9095z0287fm1j5.bankme.date/new0
http://7o12813k90oggw10277.bankme.date/new1
http://a3co5a8iab2x24g90.helpraw.schule
http://fastprofit.loan
http://fastprofit.me
http://j2a3y50mi0a487230v1.bankme.date/end1
http://2i1f3aadm8k.putback.space
http://3e37i982wb90j.fileice.services
http://4bg8l9095z0287fm1j5.bankme.date/new0
http://7o12813k90oggw10277.bankme.date/new1
http://a3co5a8iab2x24g90.helpraw.schule
http://fastprofit.loan
http://fastprofit.me
http://j2a3y50mi0a487230v1.bankme.date/end1