Nuclear Exploit Kit Shuts Down As Researchers Probe Its Infrastructure

Exterminator

Level 85
Thread author
Verified
Top Poster
Well-known
Oct 23, 2012
12,527
Even before the Angler Exploit Kit (EK) shut down operations towards the end of May and start of June, the Nuclear Exploit Kit was dead and gone, according to multiple sources in the security industry.

The Nuclear EK was one of the biggest sources of ransomware infections, being notorious for delivering the Locky ransomware, among many other threats.

The exploit kit was always popular, being one of the top five exploits kits in usage, but around April 30, multiple sources say they stopped seeing any type of activity from Nuclear's infrastructure as if someone had pulled the plug and never returned.

Check Point report leads to Nuclear's shutdown
Check Point says that this happened after the company published an in-depth two-part analysis of the exploit kit's activity. The first of those parts had appeared about a week before security firms noted Nuclear's disappearance.

While the first part sliced up Nuclear's technical mode of operation, the second part that came around mid-May showed a glimpse of the kit's financial side, revealing that EK's authors may be based in Krasnodar, Russia, and were probably making around $100,000 per month.

Check Point's report seems to have scared the crooks operating this malware-as-a-service infrastructure, who opted to merge back into the shadows and enjoy their money.

Other companies confirm Nuclear's disappearance
Besides Check Point, French security researcher Kafeine also noted on Nuclear's demise when he first published news about Angler's shutdown.

A few weeks later, Symantec also noted Nuclear's disappearance, saying, "The Nuclear exploit kit, which topped April’s list, has dropped out of the top five this month, likely due to research that was published in late April, shedding light on the toolkit’s infrastructure and likely leading to disruptions."

After Nuclear and Angler shut down, the exploit kit market has been dominated by the Neutrino EK, followed by Magnitude, RIG, and Sundown
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Conspiracy theory, even though you can kill the main source however everything are well backed up and revenues should circulate for such economy stability.

Weaponized malware will be an instrument by major institutions.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top