Malcovery Security Issues Special Brief on the Asprox/Kuluoz Malware Used in EZPass Email Security Attack

This free comprehensive report looks at how the threat persists and what actions should be taken.

Brendan Griffin, Threat Analyst, Malcovery Security

The Asprox malware is important because it's a great example of how email-based threats get through existing security technologies.

Malcovery®, the leader in delivering actionable intelligence that can be applied to neutralize the threats and actions by cyber criminals in the areas of phishing, spam and malware, released today “Special Brief: Today’s Top Threats Report: Asprox/Kuluoz Malware,” a free threat intelligence briefing that details the malware that was used in the recent headline-making attacks on E-ZPass. Unfortunately, E-ZPass is the latest in a long list of brands infected by this dangerous malware.

Over the past few weeks, there have been many warnings published by news outlets concerning the E-ZPass phishing attacks, advising consumers to ‘delete the email.’ While this is clearly good advice for consumers in terms of dealing with the short-term ‘symptoms’ of the phishing attack, more needs to be done to address the root cause of email-based threats and to stop future attacks. In many cases, networks have been breached as a result of this style of attack, and enterprises don't even realize they have been compromised. Ultimately, even the best email security solutions are prone to failure, and hostile emails bearing this malware are likely to present within protected environments.

This exclusive report by Malcovery is the first analysis of how it happened and what action you can take.

This special Today's Top Threats (T3) report describes:

  •     The recent history of the Asprox/Kuluoz malware
  •     The tactics utilized by online criminals to secure new infections
  •     How this malware takes advantage of the machines which have already fallen victim to these attacks

“The Asprox malware is important because it's a great example of how email-based threats get through existing security technologies,” stated Brendan Griffin, co-author of the report and Malcovery Threat Analyst. “This malware is persistent, like much of email-based malware we see at Malcovery. That's why we're putting out this complimentary Special Brief to help consumers protect their networks.”

To receive a copy of this report, please visit

Malcovery also issued a series of blogs on Asprox and the E-ZPass attack that can be found here:

“Protecting your network and your brand begins with understanding that your current email security—including Security Awareness Training, Web Browser Filters, Email Filters, Web Gateway Blacklists, Takedown Vendors and even DMARC—is good but not sufficient,” stated Greg Coticchia, President, CEO and cofounder of Malcovery Security. “67% of the time, email was the threat vector for an attack. Ten percent (10%) of all email threats get through current defenses and one (1) out of every two-hundred (200) of those are effective. Moving from ‘detect and respond’ to ‘intelligence led’ is a necessity in today's computing environment.”

Malcovery was launched in early 2013 as a result of an exclusive worldwide license with the University of Alabama at Birmingham (UAB) and based on research conducted at the UAB Center for Information Assurance and Joint Forensics Research (CIA|JFR). The company has quickly gained commercial success with enterprise customers such as eBay, Facebook, IBM, VISA, Citi, Assurant, Regions, and Dollar General. Key business/technology partners and resellers include IBM, Agari, ReturnPath, Internet Identity (IID), PPMA, Bishop Technologies and ReSoft International.

About Malcovery® Security
Malcovery Security protects networks and brands against email-based attacks. It is the leading provider of actionable cyber security intelligence and forensic analysis about email-based threats (phishing, spam and malware).

Delivered as a suite of subscription services, the company's patented and patent-pending technology provides the ability to identify the root sources of cybercrime attacks (servers, perpetrators, locations, etc.), delivering rich actionable intelligence information about cross-brand attacks and targeted attacks, as well as advanced notification of emerging email-based threats.

Unlike services that serve only as a reactive response to these attacks today--services that simply address the symptoms but cannot provide the intelligence to actually stop the cybercriminal and their activities--Malcovery Security's solutions provide the unique intelligence required to respond effectively to attacks on customers' brands to disrupt email-based threats on an organization.

Malcovery Security has offices in Pittsburgh, PA and Birmingham, AL. For more information, please visit or connect with Malcovery on Facebook, Twitter (@malcovery), and LinkedIn.

Editor's Note: Malcovery® is a registered trademark. ‘Identify the Source. Stop the Threat.’ is a trademark of Malcovery Security, LLC. All other trademarks mentioned herein are the protected properties of their respective owners.

Contact Author

Kelly Doyle
Malcovery Security, LLC
(855) 625-2683 Ext: X700