Trusted Design

Large Malvertising Campaign Leads to Angler EK & Bunitu Malware

概要

Websense® Security Labs™ researchers have been monitoring a mass scale malvertising campaign that leads to Angler Exploit Kit. The attack has affected users browsing to many popular sites, including CNN Indonesia, the official website of Prague Airport, Detik, AASTOCKS, RTL Television Croatia, and the Bejewled Blitz game on Facebook. According to SimilarWeb, these sites have a combined total of at least 50 million visitors per month.

Created: 2026-02-23

Indicators

• hostname - ns1.quixjoumnf.com -
• FileHash-SHA1 - feb33f3a3ac53203697d2b04ddbefa038b199a21 -
• hostname - nsb.quixjoumnf.com -
• FileHash-SHA1 - 004e9a3ea2670a76ee90067ff29816c31908e552 -
• hostname - ns0.quixjoumnf.com -
• FileHash-SHA1 - fc512fc9ad3501aecf8fab06d2c76447879520d0 -

類似Pulses

• Alienvault Labs: Malvertising leading to the Angler Exploit Kit (score: 0.76)
• Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense (score: 0.72)
• Chinese Government Website Compromised, Leads to Angler (score: 0.71)
• Large Malvertising Campaign Goes (Almost) Undetected (score: 0.71)
• The Casino Malvertising Campaign (score: 0.70)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る