Palo Alto Networks

Neutrino EK

Afraidgate: Major Exploit Kit Campaign Switches from CryptXXX Ransomware Back to Locky

By mid-July 2016, the Afraidgate campaign stopped distributing CryptXXX ransomware. It is now distributing the ".zepto" variant of Locky. Afraidgate has been using Neutrino exploit kit (EK) to distribute malware after Angler EK disappeared in early June 2016. As we previously reported, this campaign continues to utilize gate domains using name servers from afraid.org. (more…)

Jul 29, 2016

Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.