Spelevo

Status: Active

References:
  • It looks like there is a new EK in town (CVE-2018-15982 inside). See 85.17.197[.101. I first thought about GrandSoft but that's not it. Reminds SPL EK (an evolution?). Going for "Spelevo" as name. cc thx @jspchc @EKwatcher @ring_lcy - 2019-03-07 - Twitter - Kafeine Spelevo CVE-2018-15982
  • More Reading:

  • CVE-2018-15982 (Flash Player up to 31.0.0.153) and Exploit Kits - 2019-01-16 - MDNC - Kafeine CVE-2018-15982 Fallout Underminer Spelevo GreenFlash Sundown
  • PsiXBot: The Evolution Of A Modular .NET Bot - 2019-03-27 - Fox-IT - Stefano Antenucci - Antonio Parata PsiXBot Spelevo
  • Welcome Spelevo: New exploit kit full of old tricks - 2019-06-27 - Talos - Nick Biasini - Caitlyn Hammond Keitaro Spelevo IcedID Dridex
  • Exploit kits: fall 2019 review - 2019-11-19 - Malwarebytes - Jérôme Segura Fallout Underminer Magnitude Spelevo RIG GrandSoft Kaixin