- Posted December 03, 2015
- Security Advisories
The National Cyber Security Centre (NCSC) advises that it is noting an increase in attacks employing a variety of known Exploit Kits which have infected websites in New Zealand.
Exploit kits are a type of malicious toolkit used to exploit security holes found in browsers and browser plug-ins (Adobe Flash, for example) for the purpose of spreading malware.
Exploit kits pose a serious threat to all computer users ranging from private users to corporate networks. Exploit kits can be more difficult to detect as they are often triggered by visiting legitimate, compromised web pages.
It is most important to ensure that browsers and browser plug-ins are updated regularly to the latest versions. Antivirus applications and signatures should also be kept up to date.
NCSC has noted the following redirect sites hosting exploit kits, and where possible these should be blocked by network administrators:
1vaal.madelynrosexxx.com
aaneenschakelden.gr8cigar.com
affogarono.saturnsonly.com
antillaistumeonekana.virtual-pa.org
chastenment-beautyparlor.expresscareindiana.com
chinereteaartsvaders.kylehayward.com
chunkiermicromic.peapodlocalfarmbox-midatlantic.com
conferarisdibattito.four19youth.com
fdseln.isue4you.ms
gnibbor.biggain.info
graptolithaveromuutokset.theellise.com
hiukkaspstistcorporator.rajivparikh.com
honesty0enameru.sendasis.com
malezyjskiej-verabfolge.position2.com.cn
nagtariewedukecohan.clerclx.info
petalodus-annaeherungsversuches.grownandsexypittsburgh.com
stykov-hufon.hemimax.com
supercheries.wreckclaims.com
uunila-wervenbos.hemimax.com
zoemde.mercedesbnzonly.com
The following IP addresses have been noted as hosting exploit kits. Communication to the following IP addresses may indicate exploit kit activity but blocking should only be considered on a case by case basis as IP addresses may have multiple users or be reassigned.
8.26.21.112
51.255.25.29
65.111.190.159
80.78.251.5
94.242.57.16
94.250.249.236
109.123.117.198
136.243.228.196
146.185.243.21
151.80.126.221
178.20.159.87
204.45.251.196
209.133.216.182
The NCSC can be contacted by email via incidents@ncsc.govt.nz or by phone on: 04 498 7654.