WastedLoader’ Campaign Targets Unpatched IE Browsers

April 29, 2021

Bitdefender has released research on a new RIG Exploit Kit campaign targeting unpatched Internet Explorer web browsers.

The campaign exploits VBScript vulnerabilities CVE-2019-0752 and CVE-2018-8174 to deliver a variant of WastedLocker minus the actual ransomware component. The new variant, dubbed WastedLoader by Bitdefender communicates with a C&C acting as a downloader for injecting various payloads into memory (including ransomware).

Bitdefender is urging organizations to ensure IE browser patches are up to date and endpoint security and EDR systems detect IOC’s in the report.

Publisher's website.

Price: FREE

About the Provider

Bitdefender is a Romanian cybersecurity and anti-virus software company. Bitdefender develops and sells anti-virus software, internet security software, endpoint security software, and other cybersecurity products and services.


IE Browser, security, security vulnerabilities