Afraidgate: Major Exploit Kit Campaign Switches from CryptXXX Ransomware Back to Locky
By mid-July 2016, the Afraidgate campaign stopped distributing CryptXXX ransomware. It is now distributing the ".zepto" variant of Locky. Afraidgate has been using Neutrino exploit kit (EK) to distribute malware after Angler EK disappeared in early June 2016. As we previously reported, this campaign continues to utilize gate domains using name servers from afraid.org. (more…)