KovCoreG

- MaxTDS - 3ve2

References:
  • Large Kovter digitally-signed malvertising campaign and MSRT cleanup release - 2016-05-10 - Microsoft - Microsoft Defender ATP Research Team KovCoreG Kovter
  • Kovter Group malvertising campaign exposes millions to potential malware and fraud - 2017-10-07 - Proofpoint - Kafeine - Proofpoint Staff KovCoreG Kovter
  • Threat Actor Profile: KovCoreG, The Kovter Saga - 2017-11-01 - Proofpoint - Kafeine Kovter KovCoreG Angler Sweet Orange Nuclear Sakura BlackHole Neutrino Fiesta Styx EITest
  • More Reading:

  • YouTube Ads Lead To Exploit Kits, Hit US Victims - 2014-10-14 - Trendmicro - Joseph C. Chen Kovter KovCoreG Sweet Orange
  • CVE-2014-0569 (Flash Player) integrating Exploit Kit - 2014-10-21 - MDNC - Kafeine CVE-2014-0569 Chthonic Fiesta Angler Astrum Sweet Orange FlashPack RIG Magnitude KovCoreG Kovter
  • Major malvertising campaign spreads Kovter Ad Fraud malware - 2015-01-08 - Malwarebytes - Jérôme Segura KovCoreG Kovter Sweet Orange
  • Angler Exploit Kit Strikes on MSN.com via Malvertising Campaign - 2015-08-27 - Malwarebytes - Jérôme Segura KovCoreG Kovter
  • A fiddler of that https Kovter SocEng Kit (pw: malware) - 2016-05-10 - Twitter - Kafeine KovCoreG Kovter