Top 10 Exploit Kits

| Exploit Kit | Description |
| --- | --- |
| SofosFO/Stamp Exploit Kit | The exploit kit, also known as GrandSoft, uses compromised websites to infect users through browser vulnerabilities involving Flash or Java components. The exploit kit is used to infect victims with ransomware, miners, and various Trojans. |
| Neutrino Exploit Kit | Neutrino and its predecessor Neutrino-v are popular exploit kits that surged in mid-2016. They are known for using compromised sites and malvertising to infect users with various malware. |
| Magnitude Exploit Kit | Also known as Popads, Magnitude is used in malvertising attacks to infect victims who visit compromised websites. The exploit kit is known to infect users with a range of ransomware, with a focus on users in South Korea. |
| RIG Exploit Kit | RIG is spread via suspicious advertisements that have been inserted into legitimate websites. The VIP version of the exploit kit, RIG-v, appeared in 2016 and uses new URL patterns. |
| Bizarro Sundown Exploit Kit | The exploit kit, also known as GreenFlash, was first spotted in October of 2016 and is a predecessor to the Sundown exploit kit. The private EK is only used by the ShadowGate group (aka WordsJS). |
| KaiXin Exploit Kit | The exploit kit (also known as CK VIP) is reported to have originated from China and focuses on users who visit compromised Korean websites. KaiXin resurfaced in 2018 and is infecting users with the Gh0st Remote Access Trojan. |
| ThreadKit Exploit Kit | The exploit kit is used to create malicious Microsoft Office documents in an attempt to exploit a range of Microsoft vulnerabilities. The builder is sold on the Dark Web and has been used to infect victims with various malware including FormBook, Loki Bot, Trickbot, and Chthonic. |
| Underminer Exploit Kit | The exploit kit protects its own exploit code and C2 traffic with RSA encryption and takes advantage of flaws in Microsoft Internet Explorer and Adobe Flash Player to infect users with a range of malware including crypto-miners and bootkits. |
| Fallout Exploit Kit | The exploit kit was discovered in August 2018 and takes advantage of flaws in Adobe Flash Player and Microsoft Windows. A successful infection will allow the attacker to download additional malware onto the victim's computer. |
| Spelevo Exploit Kit | The exploit kit was discovered in early 2019 and exploits a flaw in Adobe Flash Player to drop the GootKit Trojan. A Microsoft Windows scheduled task is created during infection to make the payload persistent. |
