Anti-Malware Research Whitepapers

A close look at Fallout Exploit Kit and Raccoon Stealer

Over the last few months, we have seen increased Exploit Kit activity. One example is the Fallout Exploit Kit, which we describe in depth in this article. Since its emergence in August 2018, threat actors have intensively used the Fallout Exploit Kit to deliver ransomware (GandCrab, Kraken, Maze, Minotaur, Matrix and Stop), banker Trojans (DanaBot), information stealers (Raccoon Stealer, AZORult, Vidar) and other malware.

Malicious ads have become a standard means for exploit kits to reach vulnerable systems. Because of the complex redirection chain provided by ad services, malicious ads remain an extremely effective attack vector to deliver exploits and, finally, malware.

Bitdefender researchers Mihai Neagu and Cosmin Carp have taken a closer look at the Fallout Exploit Kit as used in a campaign that delivers Raccoon Stealer. The key findings are available in the paper below.

Download the whitepaper

About the author

Bogdan BOTEZATU

Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beaten with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.

About the author

Mihai Neagu

Passionate about reverse engineering, Mihai worked on malware analysis and detection techniques in the past. Now he is doing research on exploit detection and mitigation for Windows applications.

About the author

Cosmin Mihai CARP

Cosmin Carp is a Junior Security Researcher at Bitdefender. He focuses on new malware and exploit analysis. In his spare time, he also experiments a lot by writing his own programming languages, compilers and emulators.