eScan detects and sinkholes malware domains belonging to Styx EK and SweetOrange EK

25th October 2013 | By Mouseworld Now Correspondent

New Delhi, India, October 25, 2013: eScan, one of the leading Anti-Virus and Content Security Solution providers, has detected and sinkholed malware domains belonging to Styx EK and SweetOrange EK that delivered ZBOT- and ZeroAccess-type malware. The main objective of this malware is to gain a foothold in the target systems and deploy other malware to steal stored information, insert web-injects, etc. eScan's research found that the attacks are carried out through the drive-by-download method and primarily use Java / Java applets to initiate the infection. The bad actors register domains specifically for this purpose and host servers to serve the malware. The payloads may vary from password stealers to DDoS bots.

Over the past few months, while actively pursuing SweetOrange EK and Styx EK, eScan's research allowed it to discover the domains used by these Exploit Kits (EK) at a consistent rate. Once a malicious domain was identified, eScan initiated a thorough investigation of all the domains associated with the malware campaign. eScan also coordinated with the domain registrar, PublicDomainRegistry (PDR), and provided it with all the necessary evidence, which assisted PDR's compliance team in suspending these malicious domains. This resulted in the take-down of more than 1600 domains. The time dedicated by the research team at eScan to complete this operation was between 72 hours and 10 days.

MD & CEO of ESET Govind Rammurthy said, “Exploit kits are one of the major threats faced by IT users across all verticals and segments today. The Exploit Kit packs contain malicious programs that are used to carry out automated Drive-by-Download attacks with an aim to spread malware. Legitimate websites are hacked by cyber criminals and malicious code is injected to detect and exploit vulnerabilities of the applications installed on your computer so as to install malicious software that has the capability to compromise the security of all the data on the affected device. At eScan, our research team continuously works to ensure a secure computing experience for IT users. We are proud that our efforts are helping ensure cyber security for our customers.”

eScan provides its customers with heuristic scanners that detect such drive-by-download malware at the initial stages of the attack. Customers can also use the free eScanAV Anti-Virus Toolkit (MWAV), which scans for and cleans viruses, spyware, adware and any other malware that may have infected a computer, from the below link;

The eScanAV Anti-Virus Toolkit (MWAV) requires no installation and can be run directly from anywhere: on your computer, from a USB drive or from a CD-ROM, even if you already have other Anti-Virus software installed on your computer. The eScanAV Anti-Virus Toolkit (MWAV) is also updated daily to detect recently released spyware and adware, and the engine is constantly being improved for faster and more intelligent detection.


© Mouseworld Now News Service

