angler
Cisco Securely Connects the Rio 2016 Olympic Games
2 min read
The Olympic Games represent the pinnacle of athleticism and excellence on the world stage like no other event. The scale of the preparation and production that goes into them is absolutely massive. That’s why providing connectivity and security to the 2016 Olympic Games in Rio was both a challenge and a great honor for Cisco. […]
Angler Catches Victims Using Phish as Bait
1 min read
This post authored by Nick Biasini with contributions from Erick Galinkin. Exploit kits have been a recurring threat that we’ve discussed here on this blog as a method of driving users to maliciousness. Users typically encounter exploit kit landing pages through compromised websites and malvertising. However, we’ve found a new email twist to the standard […]
Malware Word Search: Identifying Angler’s Dictionary
1 min read
This post authored by Steve Poulson with contributions from Nick Biasini. Exploit kits are constantly evolving and changing. We recently wrote about some subtle Angler changes but then Angler changed drastically on March 8. In this blog post, we will briefly cover these changes, examining different characteristics of the URL structure for Angler and the […]
Angler Attempts to Slip the Hook
1 min read
This post was authored by Nick Biasini with contributions from Joel Esler and Melissa Taylor. Talos has discussed at length the sophistication of the Angler exploit kit. One thing that always makes Angler stand apart is the speed with which they develop and implement new techniques. Whether it's domain shadowing, 302 cushioning, encrypted payloads, or […]
Bedep Lurking in Angler’s Shadows
1 min read
This post is authored by Nick Biasini. In October 2015, Talos released our detailed investigation of the Angler Exploit Kit which outlined the infrastructure and monetary impact of an exploit kit campaign delivering ransomware. During the investigation we found that two thirds of Angler’s payloads were some variation of ransomware and noted one of the […]
The Value of Collaboration in Weakening Attackers
2 min read
Today’s attackers deploy complex and clever threats that are difficult to combat with just one method of defense. In some cases, defenders must go beyond tools for detecting attacks and devise a different approach for obstructing our adversaries’ ability to operate. As detailed in the Cisco 2016 Annual Security Report...
Angler for Beginners in 34 Seconds
3 min read
Post authored by Martin Rehak, Veronica Valeros, Martin Grill and Ivan Nikolaev. In order to complement the comprehensive information about the Angler exploit kit from our Talos colleagues [
Threat Spotlight: Cisco Talos Thwarts Access to Massive International Exploit Kit Generating $60M Annually From Ransomwa …
3 min read
This post was authored by Nick Biasini with contributions from Joel Esler, Nick Hebert, Warren Mercer, Matt Olney, Melissa Taylor, and Craig Williams. Executive Summary Today, Cisco struck a blow to a group of hackers, disrupting a significant international revenue stream generated by the notorious Angler Exploit Kit. Angler is one of the largest exploit kit […]
Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense
6 min read
This post was authored by Nick Biasini. Late last week Talos researchers noticed a drastic uptick in Angler Exploit Kit activity. We have covered Angler previously, such as the discussion of domain shadowing. This exploit kit evolves on an almost constant basis. However, the recent activity caught our attention due to a change to the URL […]