The Purple Fox exploit kit (EK) has added two new exploits targeting critical- and high-severity Microsoft vulnerabilities to its bag of tricks – and researchers say they expect more attacks to be added in the future.
The Purple Fox EK was previously analyzed in September, when researchers said that it appears to have been built to replace the Rig EK in the distribution chain of Purple Fox malware, which is a trojan/rootkit. The latest revision to the exploit kit has added attacks against flaws tracked as CVE-2020-0674 and CVE-2019-1458, which were first disclosed at the end of 2019 and early 2020.
“This tells us that the authors of Purple Fox are staying up to date on viable exploitable vulnerabilities and updating when they become available,” said researchers with Proofpoint in a Monday analysis. “It’s reasonable to expect that they will continue to update as new vulnerabilities are discovered.”