Trusted Design

Chinese Government Website Compromised, Leads to Angler

概要

Despite a recent takedown targeting the Angler Exploit Kit (EK), it's back to business as usual for kit operators. On 30-October-2015, ThreatLabZ noticed a compromised Chinese government website that led to the Angler Exploit Kit with an end payload of Cryptowall 3.0. This compromise does not appear targeted and the compromised site was cleaned up within 24 hours. We have noticed some recent changes to Angler, as well as the inclusion of newer Flash exploits. A set of indicators for this compromise is at the end of this post.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

• Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense (score: 0.75)
• Another example of Angler exploit kit pushing CryptoWall 3.0 (score: 0.72)
• Large Malvertising Campaign Leads to Angler EK & Bunitu Malware (score: 0.71)
• Unusual Exploit Kit Targets Chinese Users (score: 0.69)
• Alienvault Labs: Malvertising leading to the Angler Exploit Kit (score: 0.67)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る