We at F-Secure Labs continuously monitor the prevalent threats that customers commonly encounter. Observing the threat landscape, we investigate the infection vectors that cyber criminals use, and we try to find effective ways to protect customers from such attacks.
Below are our top 10 detections that protect our users, and the top two pertains to Exploit Kits and Spam.
First, let’s look at the highest-ranking detection.
Browser Attack: Angler Exploit Kit
Our detection Exploit:JS/AnglerEK.D for Angler EK (currently the most active exploit kit) is usually one of the top in our world map statistics.
In the last 24 hours, it looks like it has launched an aggressive campaign again.
Users usually get infected by visiting a compromised website with injected redirector scripts or malicious ads (malvertising). In this campaign, the hits were coming from compromised websites, and there were also some coming via the OpenX ad platform.
Angler EK continues to deliver Bedep which is known to install a click-fraud trojan, and recently also installs the CryptXXX ransomware.
2016 Sales Invoice 700422016.pdf.js
These two detections on our world map indicate browser and email as top attack channels in delivering malware.
As a reminder, we advise customers to always update their browser to the latest version, and plugins such as Flash Player and Silverlight – we also recommend disabling them when not in use. As for spam, we advise users to be wary of email attachments.