TT Malware Log

A log of "personal" investigation and research on malware / cyber attacks / analysis techniques

Bizarro Sundown EK (Summary)

【Public Information】

◆Bizarro Sundown (NJCCIC, 2016/11/26)
https://www.cyber.nj.gov/threat-profiles/exploit-kit-variants/bizarro-sundown


【News】

◆Locky ransomware spreading via Bizarro Sundown EK (SC Media, 2016/11/08)
https://www.scmagazine.com/locky-ransomware-spreading-via-bizarro-sundown-ek/article/571274/


【Blogs】

◆New Bizarro Sundown Exploit Kit Spreads Locky (Trendmicro, 2016/11/04)
https://blog.trendmicro.com/trendlabs-security-intelligence/new-bizarro-sundown-exploit-kit-spreads-locky/

◆Bizarro Sundown Exploit Kit Distributing Locky Ransomware via ShadowGate (Tripwire, 2016/11/04)
https://www.tripwire.com/state-of-security/latest-security-news/bizarro-sundown-exploit-kit-distributing-locky-ransomware-via-shadowgate/

◆New exploit kit "Bizarro Sundown EK" confirmed; leads to "LOCKY" (Trendmicro, 2016/11/07)
http://blog.trendmicro.co.jp/archives/13998


【Related Information】

[Figure] Timeline and number of Bizarro Sundown victims
Source: https://blog.trendmicro.com/trendlabs-security-intelligence/new-bizarro-sundown-exploit-kit-spreads-locky/

[Figure] Traffic of Sundown (above) and Bizarro Sundown (below) exploit kits
Source: https://www.tripwire.com/state-of-security/latest-security-news/bizarro-sundown-exploit-kit-distributing-locky-ransomware-via-shadowgate/

[Figure] Part of code that determines the version of Flash Player installed on the system
Source: https://www.tripwire.com/state-of-security/latest-security-news/bizarro-sundown-exploit-kit-distributing-locky-ransomware-via-shadowgate/


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2019