Security News > 2023 > February > Researchers Share New Insights Into RIG Exploit Kit Malware's Operations
The RIG exploit kit touched an all-time high successful exploitation rate of nearly 30% in 2022, new findings reveal.
Exploit kits are programs used to distribute malware to large numbers of victims by taking advantage of known security flaws in commonly-used software such as web browsers.
As a result, visitors using a vulnerable version of a browser to access an actor-controlled web page or a compromised-but-legitimate website are redirected using malicious JavaScript code to a proxy server, which, in turn, communicates with an exploit server to deliver the appropriate browser exploit.
The exploit server, for its part, detects the user's browser by parsing the User-Agent string and returns the exploit that "Matches the pre-defined vulnerable browser versions."
"The artful design of the Exploit Kit allows it to infect devices with little to no interaction from the end user," the researchers said.
"Overall, RIG EK runs a very fruitful business of exploit-as-a-service, with victims across the globe, a highly effective exploit arsenal and numerous customers with constantly updating malware," the researchers said.
News URL
https://thehackernews.com/2023/02/researchers-share-new-insights-into-rig.html
Related news
- Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware (source)
- Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites (source)
- Hackers exploit Windows SmartScreen flaw to drop DarkGate malware (source)
- WEF Cybercrime Atlas: Researchers are creating new insights to fight cybercrime (source)
- Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel (source)
- SoumniBot malware exploits Android bugs to evade detection (source)
- CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers (source)
- Researchers sinkhole PlugX malware server with 2.5 million unique IPs (source)