Recently, Avast’s researchers Pavel Novák and Jan Rubín posted a detailed writeup about the “Parrot TDS” campaign involving more than 16,500 infected websites. Such massive infections don’t go unnoticed by Sucuri and we immediately recognized that the infection in their writeup belonged to the campaign we internally refer to as “ndsw/ndsx” malware. We’ve been tracking this particular campaign since February 2019 — however, some variations have even older reference dates.

Continue reading Analysis of the Massive NDSW/NDSX Malware Campaign at Sucuri Blog.

Pin It on Pinterest