Tag: Neptune Exploit Kit
Finding a Good Man: Part 2
Read Finding a Good Man (Part 1): https://malwarebreakdown.com/2017/03/10/finding-a-good-man/ Read the last update on Good Man: https://malwarebreakdown.com/2017/04/26/update-on-goodman/ It has been over 5 months since I found and started tracking the actor(s) behind what I dubbed the “Good Man” campaign. I called it the Good Man campaign because the registrant email used for many of the malicious domains was goodmandilaltain@gmail.com. ...
A Familiar EK Gets Re-Themed, Again? Meet Eris Exploit Kit.
History of “Neptune EK”: On March 16th, 2017, I received a DM from the author of the now defunct Terror exploit kit. The DM surprised me as he was blocking me on Twitter. The DM was as follows: The bit.ly link redirected me to a server hosting exploits from what was then being marketed by the ...
Neptune Exploit Kit
On 03/10/17 there were postings on various forums about an exploit kit named Neptune. The author claims it has 17 different exploits, including some fresh CVEs from 2017. Below is an image from one of the advertisements: Claimed features include a malicious domain detect rotation trigger, stenography, domain auto-rotator, professional user interface (template for the interface can be found HERE), ...
Malware breakdown 