Wednesday, October 5, 2016

Exploit Kit Author

Wapack Labs has discovered an exploit kit author, selling within the Dark Web.  Analysts encountered this kit in September 2016, as the most popular/sought after exploit kit amongst Brazilian hackers during the 2016 Rio Olympics.  Wapack Labs analysts often research breaches of cyber security in numerous corporate and government cyber-attack incidents.  This report contains identity, Dox and TTP information of actor - provided for your situational awareness.

Publication date:                        03 October 2016

Handling requirements:            Traffic light protocol (TLP) GREEN

Attribution/Threat Actors:       Russian author

Actor Type:                                 Adversary capabilities have been assessed as Tier IV*

Potential Targets:                       Worldwide individuals, corporation and/or governments

Past Reporting:                           N/A

*Criminal or state actors who are organized, highly technical, proficient, well-funded professionals working in teams to discover new vulnerabilities and develop exploits.

The full attribution report has been published in its entirety in the Red Sky Alliance portal.  For more information please contact the lab directly at 844-4-WAPACK, 603-606-1246, or

About Wapack Labs

Wapack Labs, located in New Boston, NH is a Cyber Threat Analysis and Intelligence organization supporting the Red Sky Alliance, the FS-ISAC and individual organizations by offering expert level targeted intelligence analysis answering some of the hardest questions in Cyber.  Wapack Labs’ engineers, researchers and analysts use deep analysis techniques and visualization to design and deliver transformational cyber-security analysis tools that fuse open source and proprietary information.  The intelligence derived from these tools and techniques serve as the foundation of Wapack Labs’ information reporting to the cyber-security teams of its customers and industry partners located around the world.