The RIG exploit kit (EK) touched an all-time high successful exploitation rate of nearly 30% in 2022, new findings reveal. “RIG EK is a financially-motivated program that has been active since 2014,” Swiss cybersecurity company PRODAFT said in an exhaustive report shared with The Hacker News. “Although it has yet to substantially change its exploits […]
A new campaign leveraging an exploit kit has been observed abusing an Internet Explorer flaw patched by Microsoft last year to deliver the RedLine Stealer trojan. “When executed, RedLine Stealer performs recon against the target system (including username, hardware, browsers installed, anti-virus software) and then exfiltrates data (including passwords, saved credit cards, crypto wallets, VPN […]
Researchers uncovered an information-stealing malware called Raccoon that delivered by the Fallout and RIG Exploit Kits to steal sensitive data from compromised victims’ devices. Raccoon malware reportedly hacked more than 100,000 computers around the world since April 2019, and the malware believed to be delivered from a team of Russian hackers. Malware doesn’t use any stealthy infection technique, and […]
Hackers now using Rig Exploit Kit to exploiting the Internet Explorer (IE) remote code execution vulnerability ( CVE-2018-8174) with integrating a cryptocurrency-mining malware to mine Monero by Compromising Windows PC. This vulnerability affected Windows 7 and later versions also this powerful exploit work via Microsoft Office documents and Internet Explorer (IE). Rig Exploit Kit delivered various payload […]
A new CryptoMix, or CryptFile2, variant called Revenge has been discovered by Broad Analysis that is being distributed via the RIG exploit kit. This variant contains many similarities to its predecessor CryptoShield, which is another CryptoMix variant, but includes some minor changes that are described below. As a note, in this article I will be referring to this […]
Today’s most prolific exploit kit is RIG, which has filled a void left by the departure of Angler, Neutrino and Nuclear. That has made it public enemy No. 1 when it comes exploit kits. Now Cisco Talos researchers are hoping to shed new light into the ongoing development of the potent EK in hopes of neutralizing […]
A new ransomware called Alma Locker has been discovered by Proofpoint researcher Darien Huss that encrypts a victim’s data and then demands a ransom of 1 bitcoin within five days. There has been a lot of ransomware released lately, but thankfully most of them have been broken implementations or have had suspended command and control servers. Though Alma Locker still […]
Security experts at Heimdal Security are warning a spike in cyber attacks leveraging the popular Neutrino and RIG exploit kit. Cyber criminals always exploit new opportunities and users’ bad habits, now crooks behind the recent campaigns relying on Neutrino and RIG exploit kits are ramping up attacks against users that haven’s patched their Adobe Flash software. “It […]
The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that commenced in January 2022. The switch in modus operandi, spotted by Romanian company Bitdefender, comes in the wake of Raccoon Stealer temporarily closing the project after one of its team […]
A previously discovered browser hijacker malware dubbed as CeidPageLock has resurfaced again, in a bigger and better avatar, reveal researchers at Check Point security firm. This time around it is loaded with new features and is being distributed through the RIG Exploit kit. Trend Micro states that among all the exploit kits, the RIG is […]
Late last week saw the appearance of a new ransomware called GandCrab. Surprisingly, it is distributed via two exploit kits: RIG EK and GrandSoft EK. Why is this surprising? Other than Magnitude EK, which is known to consistently push the Magniber ransomware, other exploit kits have this year mostly dropped other payloads, such as Ramnit or SmokeLoader, […]
Another major exploit kit (EK) looks like it’s heading for the EK graveyard as activity from the RIG EK has fallen to less than 25% of what the exploit kit used to handle three months ago, in March 2017. RIG EK’s decline in activity fits a pattern observed on the entire EK market in the […]
Brad Duncan, a security researcher for Rackspace, is well known for monitoring exploit kit activity and the payloads that are being distributed by them. In an article posted yesterday, Brad shows how the RIG-E (Empire) exploit kit has started to distribute a new ransomware called CHIP. When a visitor browses to a site compromised with […]
A new ransomware called CryptoLuck has been discovered by Proofpoint security researcher and exploit kit expert Kafeine that is being distributed via the RIG-E exploit kit. While it has become common to see new ransomware variants being distributed daily, it is not as common to find new ransomware infections being distributed via exploit kits. Seeing this type […]