New RIG Exploit Kit Campaign Infecting Victims' PCs with RedLine Stealer

2022-04-28 01:20

A new campaign leveraging an exploit kit has been observed abusing an Internet Explorer flaw patched by Microsoft last year to deliver the RedLine Stealer trojan.

"When executed, RedLine Stealer performs recon against the target system and then exfiltrates data to a remote command and control server," Bitdefender said in a new report shared with The Hacker News.

Exploit kits or exploit packs are comprehensive tools that contain a collection of exploits designed to take advantage of vulnerabilities in commonly-used software by scanning infected systems for different kinds of flaws and deploying additional malware.

The primary infection method used by attackers to distribute exploit kits, in this case the Rig Exploit Kit, is through compromised websites that, when visited, drops the exploit code to ultimately send the RedLine Stealer payload to carry out follow-on attacks.

"The RedLine Stealer sample delivered by RIG EK comes packed in multiple encryption layers to avoid detection," the Romanian cybersecurity firm noted, with the unpacking of the malware progressing through as many as six stages.

This is far from the only campaign that involves the distribution of RedLine Stealer.

News URL

https://thehackernews.com/2022/04/new-rig-exploit-kit-campaign-infecting.html

#exploit #exploitkit