Cyber Criminals use Spelevo Exploit kit to distribute malware on fake adult sites
The Spelevo kit is a dangerous tool used by remote attackers to set up numerous adult-themed websites (gambling, pornography and the like) and automatically infect them with malware. The hackers use several different strategies to distribute these threats. The first Spelevo exploit kit attacks were discovered back in March this year, and they have gradually grown since.
Malicious adult sites are being spread through a worldwide Spelevo exploit kit attack:
An experienced hacking group has been found running a dangerous worldwide attack campaign with the exploit kit. The kit is a hacking tool that can easily be customized for different environments. The hacker-controlled sites are created mainly to show adult content. To spread threats of this kind, the hackers use social engineering techniques:
Landing pages: The hackers create multiple adult-themed landing pages with suitable content. Once a visitor clicks on the posted links, they are redirected to a malware file or script.
Faux copy sites: Fake copies of famous adult sites are hosted on similar-sounding domain names. The hackers count on visitors mistyping the real address and present the copies as identical to the originals so that visitors do not question them. The trick works best when the hackers also copy the text and design layout.
The pages crafted with the Spelevo exploit kit try to deliver the malware by exploiting vulnerabilities in Adobe Flash Player and Internet Explorer. Threats similar to this exploit kit also have a fallback mechanism that is triggered if no vulnerabilities are found. Among the malicious payloads sent by the attackers is the Ursnif banking Trojan. Security researchers note that, instead of redirecting victims to a hacker-made landing page, the kit displays the main Google search page after a 10-second delay. There is no information available about the hacking group.
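For defenders, the mistyped-domain trick described above can be hunted in web proxy logs by comparing requested hostnames against a list of legitimate sites. The following is an added example, not code from the article or from any researcher it mentions; the watchlist, log format and log lines are constructed placeholders, and the distance threshold of 2 is an assumption to tune.

```python
from urllib.parse import urlsplit

# Constructed placeholders, not indicators from the article.
WATCHLIST = {"example-videos.com", "example-casino.net"}
LOG_LINES = [  # constructed proxy log: timestamp client method url status
    "2019-07-01T10:00:01Z 10.0.0.5 GET http://example-videos.com/ 200",
    "2019-07-01T10:00:07Z 10.0.0.8 GET http://exmaple-videos.com/watch 200",
    "2019-07-01T10:00:09Z 10.0.0.9 GET http://www.example-casino.net/ 200",
    "2019-07-01T10:00:12Z 10.0.0.9 GET http://example-cassino.net/play 302",
    "2019-07-01T10:00:15Z 10.0.0.7 GET http://intranet.corp.local/ 200",
]

def edit_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap,
    so a transposed pair of letters (a common typo) costs 1, not 2."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]

def find_lookalikes(lines, watchlist, max_distance=2):
    """Return (client, requested_host, legitimate_host) for near-miss hostnames."""
    hits = []
    for line in lines:
        _ts, client, _method, url, _status = line.split()
        host = urlsplit(url).hostname or ""  # hostname is already lowercased
        if host.startswith("www."):
            host = host[4:]
        if not host or host in watchlist:
            continue  # exact matches are the real sites, not lookalikes
        for legit in sorted(watchlist):
            if edit_distance(host, legit) <= max_distance:
                hits.append((client, host, legit))
                break
    return hits

if __name__ == "__main__":
    for client, host, legit in find_lookalikes(LOG_LINES, WATCHLIST):
        print(f"{client} requested {host} (resembles {legit})")
```

Hits are leads for review rather than verdicts: short hostnames produce false positives at this threshold, and lookalikes that use a different top-level domain or added words need separate rules.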