A two-year-old EITest malware campaign is still going strong, fueled by the fact it has shifted its distribution technique over time. Now, researchers at the SANS Institute’s Internet Storm Center, are reporting EITest is morphing again based on analysis of the malware campaign conducted earlier this month.
According to researcher Brad Duncan, the EITest malware campaign is being refueled by the fact it is shifting from the Angler exploit kit to the Neutrino exploit kit.
“During its run, I had only noticed the EITest campaign use Angler EK to distribute a variety of malware payloads. That changed earlier this month, when I noticed an EITest gate leading to Neutrino EK instead of Angler,” Duncan wrote in an Internet Storm Center post.