Security News > 2023 > February > Researchers Share New Insights Into RIG Exploit Kit Malware's Operations
The RIG exploit kit touched an all-time high successful exploitation rate of nearly 30% in 2022, new findings reveal.
Exploit kits are programs used to distribute malware to large numbers of victims by taking advantage of known security flaws in commonly-used software such as web browsers.
As a result, visitors using a vulnerable version of a browser to access an actor-controlled web page or a compromised-but-legitimate website are redirected using malicious JavaScript code to a proxy server, which, in turn, communicates with an exploit server to deliver the appropriate browser exploit.
The exploit server, for its part, detects the user's browser by parsing the User-Agent string and returns the exploit that "Matches the pre-defined vulnerable browser versions."
"The artful design of the Exploit Kit allows it to infect devices with little to no interaction from the end user," the researchers said.
"Overall, RIG EK runs a very fruitful business of exploit-as-a-service, with victims across the globe, a highly effective exploit arsenal and numerous customers with constantly updating malware," the researchers said.
News URL
https://thehackernews.com/2023/02/researchers-share-new-insights-into-rig.html
Related news
- EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability (source)
- RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features (source)
- Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals (source)