Security News > 2023 > February > Researchers Share New Insights Into RIG Exploit Kit Malware's Operations

The RIG exploit kit touched an all-time high successful exploitation rate of nearly 30% in 2022, new findings reveal.

Exploit kits are programs used to distribute malware to large numbers of victims by taking advantage of known security flaws in commonly-used software such as web browsers.

As a result, visitors using a vulnerable version of a browser to access an actor-controlled web page or a compromised-but-legitimate website are redirected using malicious JavaScript code to a proxy server, which, in turn, communicates with an exploit server to deliver the appropriate browser exploit.

The exploit server, for its part, detects the user's browser by parsing the User-Agent string and returns the exploit that "Matches the pre-defined vulnerable browser versions."

"The artful design of the Exploit Kit allows it to infect devices with little to no interaction from the end user," the researchers said.

"Overall, RIG EK runs a very fruitful business of exploit-as-a-service, with victims across the globe, a highly effective exploit arsenal and numerous customers with constantly updating malware," the researchers said.

News URL

https://thehackernews.com/2023/02/researchers-share-new-insights-into-rig.html