All Clues Point to the Death of the Angler Exploit Kit

Jack

Angler, the world's most popular exploit kit, appears to have shut down, as cyber-criminals are moving their operations to other exploit kits such as Neutrino, RIG, and Sundown, according to a tip received by Softpedia from Jerome Segura of Malwarebytes.

If this is the first time you read about an exploit kit such as Angler, these are specialized Web-based applications that sit on a website and await visitors. Crooks use malvertising attacks, hidden redirections on hacked sites, or spam campaigns to send traffic to these Web pages.

Here, exploit kits (EKs) like Angler test the user's locally-installed software and detect vulnerable versions. They then deliver malicious code via JavaScript, Flash, or Silverlight that exploits these weaknesses in order to download and install malware in what's known as a drive-by download. Most users never notice anything, unless they have antivirus software installed on their computers.

Top malvertising actors have already switched to the Neutrino EK
Mr. Segura, whose company is an expert on malvertising campaigns and exploit kit usage, has been blogging lately about multiple cyber-crime operations that have started switching away from the Angler Exploit Kit (EK).

The same things were also reported by a security researcher named Kaffeine (Malware don't need Coffee blog) and Brad Duncan (Malware Traffic Analysis blog).

All three say that important actors in the malvertising scene are now migrating to other exploit kits, but mainly Neutrino.

"The changes we saw are profound," Segura told Softpedia. "Some actors only ever worked with Angler, esp. those top malvertising campaigns."

Read more: All Clues Point to the Death of the Angler Exploit Kit
 

1qay1qay

There is no logical reason for them to stop now - too much easy money with basically no risk for them (if using bitcoin and tor properly). Like @pablozi says, we can be sure that they are at this time upgrading and "optimizing" the process, since they (must) be thinking that they leave too much money on the table .... we will see more sophisticated attacks I am afraid .... like combining mischa+petya ... maybe even some semi-manual attack that will first manually look for our LAN backups with the help of some rented cheap entry-level hacker....
 

jamescv7

Basically, one main logical reason is to go to the biggest or backup ones to improve more on the exploit kits.

Since the article is stated to be a possible presumption, the problem here is the game is not yet over. ;)

Exploit attacks = Money spent = Money revenue
 
