In a recent write up by Threat Post, security bloggers have asked the question; where have all of the Exploit Kits gone? Exploit Kits or EKs are a type of malicious toolkit that contains a number of pre-written exploits that are used for targeting various browser plugins such as Java and Adobe Flash. EKs are usually embedded in unknowing websites or used in malvertising campaigns, which springs into action if the exploit can detect a vulnerability in a visitor’s browser or web application. Malvertising is the act of embedding malware in online ads that is unknowing to users clicking on the site. EKs were once very popular amongst cybercriminals and seem to have lately vanished. It is stated that new technology, new threats and the reoccurrence of old threats have taken the place of the once popular Angler, Neutrino and Nuclear Exploit Kits. Many security researchers speculate that the reason for the decline in using EKs are because of recent arrests of Lurk and the recent take down of hackers that were involved in the deployment of The Neutrino Exploit Kit in a joint Cisco and GoDaddy operation. The combined operation took down a large number of malvertising campaigns that were spread by the use of various EKs. Adobe products were often the target of EKs, however, because of the recent upgrade in defense of Adobe products this to have had an immediate impact towards the deployment of EKs. According to security researchers at Qualys, more than 3 billion scans that they performed each year, in 2016 Adobe flash vulnerabilities were patched about 40 percent faster as compared to the prior year. Fortunately, this implies that the industry is doing a much better job with patching and fixing Flash more quickly.

By Randall Sylvertooth, MSc

Reference: https://threatpost.com/where-have-all-the-exploit-kits-gone/124241/



For more information about Redport’s information assurance and cyber security services, visit www.redport-ia.com, email us at info@redport-ia.com, like us on Facebook, and follow us on Twitter@redport_ia.

Gaithersburg, MD, USA