- Jan 24, 2011
- 9,379
Angler, the world's most popular exploit kit, appears to have shut down, as cyber-criminals are moving their operations to other exploits kits such as Neutrino, RIG, and Sundown, according to a tip received by Softpedia from Jerome Segura of Malwarebytes.
If this is the first time you read about an exploit kit such as Angler, these are specialized Web-based applications that sit on a website and await visitors. Crooks use malvertising attacks, hidden redirections on hacked sites, or spam campaigns to send traffic to these Web pages.
Here, exploit kits (EKs) like Angler test the user's locally-installed software and detect vulnerable versions. They then deliver malicious code via JavaScript, Flash, or Silverlight that exploit these weaknesses in order to download and install malware in what's known as a drive-by download. Most users never notice anything, unless their have antivirus software installed on their computers.
Top malvertising actors have already switched to the Neutrino EK
Mr. Segura, whose company is an expert on malvertising campaigns and exploit kit usage, has been blogging lately about multiple cyber-crime operations that have startedswitching away from the Angler Exploit Kit (EK).
The same things were also reported by a security researcher named Kaffeine (Malware don't need Coffee blog) and Brad Duncan (Malware Traffic Analysis blog).
All three say that important actors in the malvertising scene are now migrating to other exploit kits, but mainly Neutrino.
"The changes we saw are profound," Segura told Softpedia. "Some actors only ever worked with Angler, esp. those top malvertising campaigns."
Read more: All Clues Point to the Death of the Angler Exploit Kit
If this is the first time you read about an exploit kit such as Angler, these are specialized Web-based applications that sit on a website and await visitors. Crooks use malvertising attacks, hidden redirections on hacked sites, or spam campaigns to send traffic to these Web pages.
Here, exploit kits (EKs) like Angler test the user's locally-installed software and detect vulnerable versions. They then deliver malicious code via JavaScript, Flash, or Silverlight that exploit these weaknesses in order to download and install malware in what's known as a drive-by download. Most users never notice anything, unless their have antivirus software installed on their computers.
Top malvertising actors have already switched to the Neutrino EK
Mr. Segura, whose company is an expert on malvertising campaigns and exploit kit usage, has been blogging lately about multiple cyber-crime operations that have startedswitching away from the Angler Exploit Kit (EK).
The same things were also reported by a security researcher named Kaffeine (Malware don't need Coffee blog) and Brad Duncan (Malware Traffic Analysis blog).
All three say that important actors in the malvertising scene are now migrating to other exploit kits, but mainly Neutrino.
"The changes we saw are profound," Segura told Softpedia. "Some actors only ever worked with Angler, esp. those top malvertising campaigns."
Read more: All Clues Point to the Death of the Angler Exploit Kit
