Home > Cyber News > Hundreds of GoDaddy Domains Exposed to Angler Exploit Kit Threat

Hundreds of GoDaddy Domains Exposed to Angler Exploit Kit Threat

Angler_exploit_kitAngler Exploit Kit has once again proved itself to be the most advanced exploit kit available today. As reported by Cisco, more than 10 000 malicious sub-domains were found on GoDaddy accounts. The reason for the extremely high number of affected GoDaddy accounts? The registrar authorizes at least a third of the domains on the web.

Angler Exploit Kit is one of the serious hacking tools that pose security threats at a greater level. As Enigma Software malware researchers have previously stated, Angler Exploit Kit is produced to search for Java and Flash Player vulnerabilities. If the latter is not available, the Angler kit hands a remote control exploit (CVE-2013-0074) that is known to affect the Microsoft plug-in Silverlight 5. The dangerous tool then uses these vulnerabilities in order to distribute malware infections. It is also known that Angler affects various browsers (Chrome, Firefox, Internet Explorer).

When Does the Angler Attack Start?

Once the user views a malicious ad, they are being redirected to a compromised subdomain, which sends them to a page providing an Adobe Flash or Microsoft Silverlight exploit.
The last victim of the exploit kit in question is GoDaddy – one of the largest domain registrars and web hosting companies worldwide. The attack itself poses a new technique, which is called domain shadowing.

How Does Domain Shadowing Work?

Domain shadowing is the process of exploiting users’ domain credentials in order to create lists of subdomains. Once the subdomains are at hand, there are two options – the user either ends up redirected to an attack site or becomes a victim of a malicious payload.

One may wonder how exactly their account may become a victim of domain shadowing. The answer is very simple – through phishing. In addition, users usually own more than one domain, so the attackers have plenty to exploit. In most cases the account owners have no idea what is going on.

The domain shadowing campaign proves to be a very effective technique since it’s very difficult to be stopped or detected. Blacklisting won’t help either – not only the victims’ domains are being rotated but also their IP addresses. Furthermore, malware experts have discovered that most of the subdomains are only active for a few minutes and reached just a couple of times.

Although Angler has been around for quite some time, it is not since December 2014 when it became so active, due to the domain shadowing high efficiency.

How to Remove Angler Exploit Kit Website 12 and 15


Spy Hunter FREE scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool. Find Out More About SpyHunter Anti-Malware Tool

1. Remove/Uninstall Angler Exploit Kit

1. Remove/Uninstall Angler Exploit Kit in Windows

Here is a method in few easy steps to remove that program. No matter if you are using Windows 8, 7, Vista or XP, those steps will get the job done. Dragging the program or its folder to the recycle bin can be a very bad decision. If you do that, bits and pieces of the program get left behind, and that can lead to unstable work of your PC, mistakes with the file type associations and other unpleasant activities. The proper way to get a program off your computer is to Uninstall it. To do that:

  • Hold the Windows Logo Button and “R” on your keyboard. A Pop-up window will appear (fig.1).
  • uninstall-virus-fig1

  • In the field type in “appwiz.cpl” and press ENTER (fig.2).
  • uninstall-virus-fig2

  • This will open a window with all the programs installed on the PC.
    Select the program that you want to remove, and press “Uninstall” (fig.3).
  • uninstall-virus-fig3

    Follow the instructions above and you will successfully uninstall Angler Exploit Kit.

    2. Restore the settings in your browser

    2. Remove Angler Exploit Kit from your browser

    Remove a toolbar from Mozilla FirefoxRemove a toolbar from Google Chrome Remove a toolbar from Internet Explorer Remove a toolbar from Safari
    Start Mozilla Firefox Open the menu window


    Select the “Add-ons” icon from the menu


    Select Angler Exploit Kit and click “Remove


    After Angler Exploit Kit is removed, restart Mozilla Firefox by closing it from the red “X” in the top right corner and start it again.

    Start Google Chrome and Open the drop menu


  • Move the cursor over “Tools” and then from the extended menu choose “Extensions
  • uninstall-fig8

  • From the opened “Extensions” menu locate Angler Exploit Kit and click on the garbage bin icon on the right of it.
  • uninstall-fig9

  • After Angler Exploit Kit is removed, restart Google Chrome by closing it from the red “X” in the top right corner and start it again.
  • Start Internet Explorer:

  • Click “‘Tools’ to open the drop menu and select ‘Manage Add-ons’
  • uninstall-fig10

  • In the ‘Manage Add-ons’ window, make sure that in the first window ‘Add-on Types’, the drop menu ‘Show’ is on ‘All add-ons’
  • uninstall-fig11

    Select Angler Exploit Kit to remove, and then click ‘Disable’. A pop-up window will appear to inform you that you are about to disable the selected toolbar, and some additional toolbars might be disabled as well. Leave all the boxes checked, and click ‘Disable’.


    After Angler Exploit Kit has been removed, restart Internet Explorer by closing it from the red ‘X’ in the top right corner and start it again.

    Start Safari

    Open the drop menu by clicking on the sprocket icon in the top right corner.

    From the drop menu select ‘Preferences’
    In the new window select ‘Extensions’
    Click once on Angler Exploit Kit
    Click ‘Uninstall’


    A pop-up window will appear asking for confirmation to uninstall Angler Exploit Kit. Select ‘Uninstall’ again, and the Angler Exploit Kit will be removed.

    3. Remove Angler Exploit Kit automatically with Spy Hunter Malware - Removal Tool.

    3. Remove Angler Exploit Kit automatically with Spy Hunter Malware – Removal Tool.

    To clean your computer with the award-winning software Spy Hunter – donload_now_140
    It is highly recommended to run a FREE scan before purchasing the full version of the software to make sure that the current version of the malware can be detected by SpyHunter.

    Berta Bilbao

    Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.

    More Posts

    Leave a Comment

    Your email address will not be published. Required fields are marked *

    This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
    I Agree