【公開情報】

◆Bizarro Sundown (NJCCIC, 2016/11/26)
https://www.cyber.nj.gov/threat-profiles/exploit-kit-variants/bizarro-sundown

【ニュース】

◆Locky ransomware spreading via Bizarro Sundown EK (SC Media, 2016/11/08)
https://www.scmagazine.com/locky-ransomware-spreading-via-bizarro-sundown-ek/article/571274/

【ブログ】

◆New Bizarro Sundown Exploit Kit Spreads Locky (Trendmicro, 2016/11/04)
https://blog.trendmicro.com/trendlabs-security-intelligence/new-bizarro-sundown-exploit-kit-spreads-locky/

◆Bizarro Sundown Exploit Kit Distributing Locky Ransomware via ShadowGate (Tripwire, 2016/11/04)
https://www.tripwire.com/state-of-security/latest-security-news/bizarro-sundown-exploit-kit-distributing-locky-ransomware-via-shadowgate/

◆新しいエクスプロイトキット「Bizarro Sundown EK」を確認。「LOCKY」に誘導 (Trendmicro, 2016/11/07)
http://blog.trendmicro.co.jp/archives/13998

【関連情報】

Timeline and number of Bizarro Sundown victims
出典: https://blog.trendmicro.com/trendlabs-security-intelligence/new-bizarro-sundown-exploit-kit-spreads-locky/

Traffic of Sundown (above) and Bizarro Sundown (below) exploit kits
出典: https://www.tripwire.com/state-of-security/latest-security-news/bizarro-sundown-exploit-kit-distributing-locky-ransomware-via-shadowgate/

Part of code that determines the version of Flash Player installed on the system
出典: https://www.tripwire.com/state-of-security/latest-security-news/bizarro-sundown-exploit-kit-distributing-locky-ransomware-via-shadowgate/