28 June 19, 12:09
Quote:A new exploit kit that researchers named Spelevo has emerged recently targeting a certain category of victims and infect their computer systems with two banking trojans.
To achieve their goal, exploit kits (EKs) use a traffic direct system (TDS) or gate that points the connection to a landing page where the potential victim device is analyzed for vulnerable applications. Candidates are then directed to the adequate exploit.
The latest exploits preferred by these browser-based threats are Internet Explorer’s CVE-2018-8174, and Flash’s CVE-2018-15982 and CVE-2018-4878, as noted by Malwarebytes most recent in their most recent seasonal EK report.
Discovered by security researcher Kafeine back in early March, Spelevo uses a business-to-business (B2B) website to drop infamous banking trojans IceD and Dridex, according to an analysis from Cisco Talos today.
SOURCE: https://www.bleepingcomputer.com/news/se...ld-tricks/
![[-]](https://www.geeks.fyi/images/collapse.png)
