Exploit Kits Responsible for Most Malware Infections

Exploit kits are sophisticated but malicious programs designed and distributed by cyber criminals. They help fraudsters, hackers, and data thieves breach an organization’s network security by automatically locating vulnerabilities and taking advantage of those weaknesses to gain access.

These nefarious hacking tools are currently available via both public and underground sources and appeal to a wide range of audiences, from inexperienced hackers to black hat professional cybercriminals.

Powerful and Easy to Use

Exploit kits are a serious cyber threat today and are responsible for the vast majority of malware infections worldwide. They are very destructive:

  • Virtually anyone can use them—they don’t require advanced computer or hacking skills
  • They come equipped with numerous ways to inflict damage, ranging from data exfiltration to encrypting files for ransom
  • Exploit kits generally include advanced evasion techniques that help conceal the attack and prevent the attacker from being detected
  • The kits can be automatically upgraded with the latest attack technologies—just like commercial software

Most Popular Exploit Kits

We’ve seen a dramatic rise in the sophistication of exploit kits in recent years. Although they’ve been available since at least 2006, new kits appear each year. Popular kits in 2016 include:

  • Angler: A full 80% of drive-by attacks observed in one month (April 2016) were attributed to Angler
  • Magnitude: At one point this year Magnitude made up 31% of the world’s active exploit kits
  • Neutrino: Compromises legitimate websites without being detected by site administrators
  • Rig: Used to install threats on individual PCs and responsible for various ransomware Trojans
  • Sundown: Uses one of the largest domain shadowing implementations ever seen; the Sundown kit and associated malware are invisible to traditional domain blacklist detection solutions
  • Nuclear: Very popular exploit kit available via malware-as-a-service

Staying Vigilant

The wide variety and sheer number of readily available exploit kits make it imperative for organizations to have advanced malware detection solutions.

Corporations that take a casual approach to their security will certainly become victims; it’s just a matter of time. Staying current and vigilant in the fight against today’s malware is an absolute requirement.

Brian Laing

For more than 20 years, Brian Laing has shared his strategic business vision and technical leadership with a range of start-ups and established companies in various executive-level roles. The author of “APT for Dummies,” he was previously vice president of AhnLab, where he directed the US operations of the internationally known security and software leader. Brian previously founded Hive Media, where he served as CEO. He co-founded RedSeal Systems, where he conceived the overall design and features of the product and was granted two patents related to network security. He was also founder and CEO of self-funded Blade Software, which released the industry’s first commercial IPS/FW testing tool.