RIG Exploit Kit Delivering Monero Miner Via PROPagate Injection Technique

Published on 2018/06/29 FireEye Blog
Introduction

Through FireEye Dynamic Threat Intelligence (DTI), we observed RIG Exploit Kit (EK) delivering a dropper that leverages the PROPagate injection technique to inject code that downloads and executes a Monero miner (similar activity has been reported by Trend Micro). Apart from leveraging a relatively lesser-known injection technique, the attack chain has some other interesting properties that we will touch on in this blog post.

Attack Chain

The attack chain starts when the user visits a compromised website that loads the RIG EK landing page in an iframe. The RIG E...