Cyber Security Personnel Seize a Web Network Responsible for Ransomware Distribution

April 20, 2018 | Simeon Georgiev

In a significant development, a team of cyber security experts has seized the operations of ‘EITest’, a large malware distribution network responsible for many banking Trojan and ransomware attacks. Millions of dollars have been spent on malware removal and ransomware repair work made necessary by EITest's activity.

In a joint effort, security researchers from different platforms have succeeded in establishing a sinkhole for all the web traffic compromised by the EITest network. EITest was running a large network of hundreds of legitimate but compromised websites that performed millions of redirects each day to several exploit kits. Almost all web browsers (Firefox, Chrome, Internet Explorer, etc.) were affected by this malicious activity.

The network was responsible for redirecting the compromised browsers to several exploit kits delivering banking Trojans and noteworthy ransomware strains. With cyber security researchers now controlling the compromised web traffic through the sinkhole, the operators of this malicious network can no longer exploit that traffic or redirect users to dangerous exploit kits.

A three-week analysis of the network after its seizure shows that more than 50,000 web servers are part of the EITest network and that they have made nearly 40 million redirection requests. Had the traffic not been controlled through the sinkhole, hundreds and thousands of users would have ended up receiving the payloads of the intended ransomware strains.

We can say that many potential ransomware attacks have been prevented by the takeover of the EITest network. Ransomware operators use such services to spread their cryptovirological code. It’s worth mentioning that EITest had been operational since 2011 and enabled many ransomware and Trojan attacks during that period.

A Preemptive Strike

People in the industry are describing the sinkholing of EITest as a preemptive strike against many future ransomware attacks. The EITest network was known to support exploit kits for four different ransomware strains. Preemptively dealing with this cryptographic threat has saved many individuals and organizations from the costly ransomware repair work needed to decrypt the locked files on affected devices.

Simeon Georgiev
https://www.linkedin.com/in/simeon--georgiev/
I am a Cyber Security Enthusiast from Bulgaria. I like to write about malware and ransomware and global cyber attacks. You can reach me on Twitter @sgeorgiev1995 or Email: [email protected]
© 2020 MonsterCloud.com. All Rights Reserved.