
Exploit Kit Usage Spreading Malware and Ransomware Threats Surges in 2016

Posted: January 21, 2016

Hackers and cybercrooks are fundamentally a constant force that cannot be stopped no matter what protection measures are put in place. With that said, it is no surprise to us that the usage of aggressive exploit kits containing sophisticated malware has spiked at the start of 2016.

We have said it time and time again, with each New Year we will have an exponential increase in malware threats and hackers who feed the malicious channels of the Internet with their latest malware concoction. In feeding those channels, the creation and spreading of exploit kits have surged to new heights entering into 2016.

After last year, exploit kit usage spiked by about 75%. This year, the rates are expected to be even higher, as security researchers from Heimdal Security have identified multiple campaigns in which popular exploit kits are being ramped up. Those exploit kits, identified as Angler, Neutrino and RIG, are known to be culprits in the spread of a good portion of recent malware threats, such as crypto-type ransomware threats like CryptoLocker.

Black hat SEO techniques game the search system so that sites employing exploit kits and malware surface for popular search terms and keywords. Groups behind exploit kits like Neutrino and RIG are employing such black hat SEO techniques, which so far have proved quite successful in their attacks on vulnerabilities in software such as Adobe Acrobat, Adobe Flash, Adobe Reader and Microsoft Silverlight.

In addition to the recent exploit kits being circulated this year at higher rates than ever seen before, associated campaigns are circulating Trojan horse threats that steal financial data, such as Pony infostealer and TofSee Trojan. The collective force of the exploit kits and the vast spread of their associated malware threats account for the threats being deployed to over 90,000 websites this year. Based on traffic estimates by researchers, the compromised and exploited sites have seen over 11 million visitors in just the past month.

Among the exploit kits being utilized this year at much higher rates than before, Angler proves to be the most prevalent where it has been deployed in 30% of all compromised websites. Angler has also been found to be among the most technically advanced exploit kits when you look at the collective of currently-active threats. Additionally, Angler may be the culprit in the case of spreading recent ransomware threats, which have proven to be among some of the most dangerous and destructive malware threats thus far primarily due to their ability to encrypt files.

Various vulnerabilities have been targeted by recent exploit kits, which has also aided their exponential increase across compromised websites. As an example, the Flash security vulnerability (CVE-2015-7645) has been one of many that have allowed exploit kits to scan users and infect them with a particular type of malware. Most of the websites infected through use of the Angler exploit kit have been ones ranked in Alexa's top 100,000, which naturally get good search rankings and show up in many search queries. Essentially, such campaign methods give hackers the upper hand at spreading their malevolent software through the use of aggressive exploit kits.

This year has started off to be one for the record books already. The insurgence of exploit kits is only one aspect that we expect to see get out of hand, along with the spread of other sophisticated malware campaign platforms.
