Computer criminals have updated the dangerous Sundown exploit kit to include steganography features. Continue reading to learn more about the threat.
The Sundown Exploit Kit Now Features Steganography
Security experts have uncovered updated variants of the notorious Sundown exploit kit, which is used to deliver a variety of malware and ransomware to chosen targets. The Sundown exploit kit was made famous in September, when it started to deliver the CryLocker ransomware and other dangerous viruses. This virus was unique in that it used PNG graphic files to pack the information harvested from the compromised system. The images were then uploaded to an Imgur album where the criminal operators could access them and thereby avoid detection. This steganography technique was the hallmark of the infection routine, and now the Sundown Exploit Kit features an update that has this capability built in.
The new versions of the dangerous hacking tool were discovered in samples captured on December 27, 2016. In these iterations, hackers used the PNG images to store not only the harvested information but also the exploit code. Sundown was used in multiple malware campaigns that distributed different computer viruses. According to the released statistics, the most affected countries include France, Japan and Canada.
One of the viruses that was isolated by the dropper is the banking Trojan Chthonic, which is a variant of the infamous Zeus malware.
The Sundown Exploit Kit has used the following domains and matching IP addresses in the analyzed attacks:
Why Has The Sundown Exploit Kit Adopted Steganography?
Steganography is one of the most widely used and effective measures that safeguard malware payloads from detection. It relies on the fact that many different file types can act as containers for binary data, such as code or harvested information, without the knowledge of the computer users who handle them. These include photo, video and audio files, which can contain dangerous code that the user cannot detect.
You can protect yourself from the exploit kit and its payloads by using a trusted anti-spyware tool. It can scan your computer, remove existing threats and protect your computer from future threats.
SpyHunter anti-malware tool will diagnose all current threats on the computer. By purchasing the full version, you will be able to remove all malware threats instantly.