ReferencesExploit Kits

Neutrino

Job314 - Neutrino Rebooted - Neutrino-v - Status: Retired - Last seen 2017-04-10

References:
  • Hello Neutrino ! (just one more Exploit Kit) - 2013-03-07 - MDNC - Kafeine Neutrino
  • Neutrino : The come back ! (or Job314 the Alter EK) - 2014-11-21 - MDNC - Kafeine Neutrino CVE-2014-6332 CVE-2014-0569 Necurs
  • RIG evolves, Neutrino waves goodbye, Empire Pack appears - 2016-10-22 - MDNC - Kafeine RIG Empire Neutrino Angler Nuclear Sutra BlackHole
  • Finding Neutrino - 2019-08-21 - PTSecurity - Kirill Shipulin Neutrino

    • More Reading:

  • Dridex Actors Get In the Ransomware Game With "Locky" - 2016-02-16 - Proofpoint - Proofpoint Staff Locky Neutrino TA505
  • CVE-2016-1019 (Flash up to 21.0.0.182/187) and Exploit Kits - 2016-04-08 - MDNC - Kafeine CVE-2016-1019 Nuclear Magnitude Cerber Neutrino
  • Neutrino EK: more Flash trickery - 2016-08-12 - Malwarebytes - Jérôme Segura NeutrAds Neutrino
  • Domain Shadowing: HillaryNixonClinton.com Shadowed Domains Lead to Neutrino EK - 2016-08-12 - RiskIQ - Mike Wyatt WordsJS Neutrino
  • Talos ShadowGate Take Down: Global Malvertising Campaign Thwarted - 2016-09-01 - Talos - Nick Biasini WordsJS Neutrino
  • CVE-2017-0022: Microsoft Patches a Vulnerability Exploited by AdGholas and Neutrino - 2017-03-24 - Trend Micro - Brooks Li - Henry Li CVE-2017-0022 AdGholas NeutrAds Neutrino
  • Threat Actor Profile: KovCoreG, The Kovter Saga - 2017-11-01 - Proofpoint - Kafeine Kovter KovCoreG Angler Sweet Orange Nuclear Sakura BlackHole Neutrino Fiesta Styx EITest