Tag: Kovter

3ve – Major online ad fraud operation disrupted

November 29, 2018

International law enforcement swoops on fake ad viewing outfit. On Monday, October 22nd, a disruption action involving law enforcement bodies worldwide targeted “3ve”, a major online ad fraud operation. Today, on November 27, 2018, a 13-count indictment against eight defendants was unsealed. Out of these eight defendants, three are in custody and awaiting extradition. Ad fraud campaigns … More 3ve – Major online ad fraud operation disrupted

Sathurbot: Distributed WordPress password attack

April 6, 2017

This article sheds light on the current ecosystem of the Sathurbot backdoor trojan, in particular exposing its use of torrents as a delivery medium and its distributed brute-forcing of weak WordPress administrator accounts. The torrent leecher Looking to download a movie or software without paying for it? There might be associated risks. It just might … More Sathurbot: Distributed WordPress password attack

Nemucod serves nasty package: Combining ransomware and ad-clickers

August 18, 2016

Nemucod, previously one of the worst infecting malware types in Ireland is causing mayhem again. Just last week ESET reported on Nemucod shifting away from ransomware and downloading the ad-clicking malware Kovter instead. Now, it seems that the operators of the notorious downloader went a step further and are serving their victims the whole package … More Nemucod serves nasty package: Combining ransomware and ad-clickers

Nemucod is back and serving an ad-clicking backdoor instead of ransomware

August 9, 2016

Nemucod, the Trojan that affected Ireland worst in 2016 is back with a new campaign. Instead of serving its victims ransomware, it delivers an ad-clicking backdoor Trojan detected by ESET as Win32/Kovter. As a backdoor, this trojan allows the attacker to control the machine remotely without the victim’s consent or knowledge. The currently used variant … More Nemucod is back and serving an ad-clicking backdoor instead of ransomware