Sponsored By

Exploit Kits: Winter 2017 ReviewExploit Kits: Winter 2017 Review

We take another look at the current EK scene by going over RIG, Sundown, Neutrino and Magnitude.

Jerome Segura, Lead Malware Intelligence Analyst, Malwarebytes

March 28, 2017

1 Min Read

A few months have passed since our Fall 2016 review of the most common exploit kits in our telemetry and honeypots.  Since then, there haven’t been any major changes. Exploit kit-related infections remain low compared to those via malicious spam. This is in part due to the lack of fresh and reliable exploits in today’s drive-by landscape.

Pseudo-Darkleech and EITest are the most popular redirection campaigns from compromised websites. They refer to code that is injected into – for the most part – WordPress, Joomla and Drupal websites, and automatically redirects visitors to an exploit kit landing page.

Malvertising campaigns keep fueling redirections to exploit kits as well, but can greatly vary in size and impact. The daily malverts from shady ad networks continue unchanged, while the larger attacks going after top ad networks and publishers come in waves.

In the following video, we do a quick overview of those exploit kits; if you are interested in the more technical details please visit Malwarebytes Labs for additional information on each of them.

About the Author(s)

Jerome Segura, Lead Malware Intelligence Analyst, Malwarebytes

Jerome Segura, Lead Malware Intelligence Analyst, Malwarebytes

Contributor

Jérôme Segura is a senior security researcher at Malwarebytes Labs where his duties range fromstudying web exploits to tracking down online scammers. He spent over five years cleaning malware offpersonal computers using existing tools and writing his own signatures. At the same time, he developed his own system for catching drive-by downloads, which eventually led to a URL blacklist service. In more recent years, he assisted website owners by removing malware from their WordPress or Joomla sites as well as securing their servers from further infections. He is a regular contributor to Malwarebytes Unpacked, the company's security blog.

See more from Jerome Segura, Lead Malware Intelligence Analyst, Malwarebytes
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

Okta logo
Application Security
Okta Breach Widens to Affect 100% of Customer BaseOkta Breach Widens to Affect 100% of Customer Base
byBecky Bracken, Editor, Dark Reading
Nov 30, 2023
4 Min Read
Businesswoman with ponytail in black suit and businessman in black suit with laptop sit at office desk with stack of presents, look at laptop
Endpoint Security
10 Holiday Gifts for Stressed-Out Security Pros10 Holiday Gifts For Stressed-Out Security Pros
byEricka Chickowski, Contributing Writer
Nov 30, 2023
10 Slides
A row of brown cowboy boots in the su
Endpoint Security
Critical 'LogoFAIL' Bugs Offer Secure Boot Bypass for Millions of PCsCritical 'LogoFAIL' Bugs Offer Secure Boot Bypass for Millions of PCs
byNathan Eddy, Contributing Writer
Dec 1, 2023
4 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events