【公開情報】
◆Bizarro Sundown (NJCCIC, 2016/11/26)
https://www.cyber.nj.gov/threat-profiles/exploit-kit-variants/bizarro-sundown
【ニュース】
◆Locky ransomware spreading via Bizarro Sundown EK (SC Media, 2016/11/08)
https://www.scmagazine.com/locky-ransomware-spreading-via-bizarro-sundown-ek/article/571274/
【ブログ】
◆New Bizarro Sundown Exploit Kit Spreads Locky (Trendmicro, 2016/11/04)
https://blog.trendmicro.com/trendlabs-security-intelligence/new-bizarro-sundown-exploit-kit-spreads-locky/
◆Bizarro Sundown Exploit Kit Distributing Locky Ransomware via ShadowGate (Tripwire, 2016/11/04)
https://www.tripwire.com/state-of-security/latest-security-news/bizarro-sundown-exploit-kit-distributing-locky-ransomware-via-shadowgate/
◆新しいエクスプロイトキット「Bizarro Sundown EK」を確認。「LOCKY」に誘導 (Trendmicro, 2016/11/07)
http://blog.trendmicro.co.jp/archives/13998
【関連情報】
Timeline and number of Bizarro Sundown victims
出典: https://blog.trendmicro.com/trendlabs-security-intelligence/new-bizarro-sundown-exploit-kit-spreads-locky/
Traffic of Sundown (above) and Bizarro Sundown (below) exploit kits
出典: https://www.tripwire.com/state-of-security/latest-security-news/bizarro-sundown-exploit-kit-distributing-locky-ransomware-via-shadowgate/
Part of code that determines the version of Flash Player installed on the system
出典: https://www.tripwire.com/state-of-security/latest-security-news/bizarro-sundown-exploit-kit-distributing-locky-ransomware-via-shadowgate/