#page

EXPLOIT KITS

Known Exploit kits

Latest New variants
Exploit Kit Variants disdain NJCCIC
Exploit Kit Variants disdain NJCCIC
Disdain
Exploit Kit Variants disdain NJCCIC
Exploit Kit Variants disdain NJCCIC
Exploit Kit Variants disdain NJCCIC
Exploit Kit Variants disdain NJCCIC
Terror
Exploit Kit Variants Terror EK NJCCIC
Exploit Kit Variants Terror EK NJCCIC
Terror
Exploit Kit Variants Terror EK NJCCIC
Exploit Kit Variants Terror EK NJCCIC
Exploit Kit Variants Terror EK NJCCIC
Exploit Kit Variants Terror EK NJCCIC
Exploit Kit Variants DNSChanger NJCCIC
Exploit Kit Variants DNSChanger NJCCIC
DNSChanger
Exploit Kit Variants DNSChanger NJCCIC
Exploit Kit Variants DNSChanger NJCCIC
Exploit Kit Variants DNSChanger NJCCIC
Exploit Kit Variants DNSChanger NJCCIC
Exploit Kit Variants Stegano NJCCIC
Exploit Kit Variants Stegano NJCCIC
Stegano
Exploit Kit Variants Stegano NJCCIC
Exploit Kit Variants Stegano NJCCIC
Exploit Kit Variants Stegano NJCCIC
Exploit Kit Variants Stegano NJCCIC
Exploit Kit Variants RIG NJCCIC Comment
Exploit Kit Variants RIG NJCCIC Comment
RIG
Exploit Kit Variants RIG NJCCIC Comment
Exploit Kit Variants RIG NJCCIC Comment
Exploit Kit Variants RIG NJCCIC Comment
Exploit Kit Variants RIG NJCCIC Comment
Sundown
Exploit Kit Variants Sundown NJCCIC
Exploit Kit Variants Sundown NJCCIC
Sundown
Exploit Kit Variants Sundown NJCCIC
Exploit Kit Variants Sundown NJCCIC
Exploit Kit Variants Sundown NJCCIC
Exploit Kit Variants Sundown NJCCIC
Exploit Kit Variants NJCCIC
Exploit Kit Variants NJCCIC
Bizarro Sundown
Exploit Kit Variants NJCCIC
Exploit Kit Variants NJCCIC
Exploit Kit Variants NJCCIC
Exploit Kit Variants NJCCIC
Floki Bot
Exploit Kit Variants Floki Bot NJCCIC
Exploit Kit Variants Floki Bot NJCCIC
Floki Bot
Exploit Kit Variants Floki Bot NJCCIC
Exploit Kit Variants Floki Bot NJCCIC
Exploit Kit Variants Floki Bot NJCCIC
Exploit Kit Variants Floki Bot NJCCIC
Exploit Kit Variants Neutrino NJCCIC
Exploit Kit Variants Neutrino NJCCIC
Neutrino
Exploit Kit Variants Neutrino NJCCIC
Exploit Kit Variants Neutrino NJCCIC
Exploit Kit Variants Neutrino NJCCIC
Exploit Kit Variants Neutrino NJCCIC
Exploit Kit Variants Angler NJCCIC Comment
Exploit Kit Variants Angler NJCCIC Comment
Angler
Exploit Kit Variants Angler NJCCIC Comment
Exploit Kit Variants Angler NJCCIC Comment
Exploit Kit Variants Angler NJCCIC Comment
Exploit Kit Variants Angler NJCCIC Comment
Exploit Kit Variants Blackhole NJCCIC Comment
Exploit Kit Variants Blackhole NJCCIC Comment
Blackhole
Exploit Kit Variants Blackhole NJCCIC Comment
Exploit Kit Variants Blackhole NJCCIC Comment
Exploit Kit Variants Blackhole NJCCIC Comment
Exploit Kit Variants Blackhole NJCCIC Comment
Exploit Kit Variants Fiesta NJCCIC Comment
Exploit Kit Variants Fiesta NJCCIC Comment
Fiesta
Exploit Kit Variants Fiesta NJCCIC Comment
Exploit Kit Variants Fiesta NJCCIC Comment
Exploit Kit Variants Fiesta NJCCIC Comment
Exploit Kit Variants Fiesta NJCCIC Comment
Exploit Kit Variants NJCCIC Comment
Exploit Kit Variants NJCCIC Comment
Magnitude
Exploit Kit Variants NJCCIC Comment
Exploit Kit Variants NJCCIC Comment
Exploit Kit Variants NJCCIC Comment
Exploit Kit Variants NJCCIC Comment
Exploit Kit Variants Nuclear NJCCIC
Exploit Kit Variants Nuclear NJCCIC
Nuclear
Exploit Kit Variants Nuclear NJCCIC
Exploit Kit Variants Nuclear NJCCIC
Exploit Kit Variants Nuclear NJCCIC
Exploit Kit Variants Nuclear NJCCIC
Exploit Kit Variants Sweet Orange NJCCIC
Exploit Kit Variants Sweet Orange NJCCIC
Sweet Orange
Exploit Kit Variants Sweet Orange NJCCIC
Exploit Kit Variants Sweet Orange NJCCIC
Exploit Kit Variants Sweet Orange NJCCIC
Exploit Kit Variants Sweet Orange NJCCIC

The below list is not exhaustive and is meant to provide an overview of the most prevalent exploit kits impacting US victims. This page is updated regularly with new information.

What are Exploit Kits?

Exploit Kits (EKs) are toolkits that automate the exploitation of vulnerabilities in popular software applications in order to maximize successful infections and serve as a platform to deliver malicious payloads such as Trojans, spyware, ransomware, and other malicious software. Most users will encounter EKs from visiting seemingly legitimate, high-traffic websites that either contain links to EKs embedded within malicious advertising (malvertising) or have malicious code hidden directly within the website itself. Malicious URLs linking to EKs are commonly distributed through spam email and spear-phishing campaigns.

 
Image Credit: Microsoft

Image Credit: Microsoft

 

How DO Exploit kits work?

  1. Contact - the victim accesses a link that connects to an EK server (i.e. from a malicious ad, compromised website, or email hyperlink).

  2. Redirect - the victim is filtered based on a set of criteria specified by the EK attacker, such as the IP address or browser type, and redirected to the server that hosts the EK, and then delivers them to the landing page that will determine what vulnerabilities to exploit.

  3. Exploit - once the vulnerabilities are identified, the EK server downloads the exploit files to target the appropriate applications.

  4. Infect - once the vulnerabilities are exploited, the attacker downloads and executes malware on the victim’s machine, often a banking Trojan or ransomware.

Exploit kits Mitigation strategies

The constantly evolving nature of exploit kits underscores the need for a progressive and proactive cybersecurity posture - one that equally addresses the vulnerabilities and exploits of people, processes, and technology. Click below for some mitigation strategies to help defend against EKs:

REPORTING

If your organization is the victim of an Exploit Kit attack, or would like to learn more about the NJCCIC, please contact a Cyber Liaison Officer at njccic@cyber.nj.gov.