New Version of Rig Exploit Kit Is Being Developed - How to, Technology and PC Security Forum | SensorsTechForum.com

New Version of Rig Exploit Kit Is Being Developed

A new version of the dangerous RIG exploit kit, which is used to carry out successful infections by taking advantage of exploits in Windows, has been detected in the wild. The exploit kit has been reported to contain new script files and features to conduct a successful infection. The creators of the kit have written several ActionScript scripts and have also made several changes that are visible in its Flash file.

When malware researchers at PC Xcetra Support investigated the Flash file's source code more deeply, they discovered that a tool called DoSWF had been used to obfuscate this exploit kit. The tool is currently believed to be at version 5.5.0, and the researchers even discovered that it is publicly available for sale via its website.

Rig EK was the kit that replaced the Angler EK, and it uses exploits in Adobe's Flash Player to conduct a successful infection. But on the 20th and 21st of August, malware researchers detected the new version, which had other features and exploits that can be used as well.

This new version was reported to cause infections by taking advantage of Microsoft software. One of those exploits was reported by Eduard Kovacs at Securityweek.com to be CVE-2016-0189. This type of vulnerability allowed a remote-execution type of attack, carried out by executing JavaScript as well as VBScript.

Microsoft was able to patch the flaw, but it is not known for certain whether a similar attack can be conducted via Internet Explorer instead.

News also broke that those behind the RIG exploit kit may be working on new updates to the exploit kit, and that they might also be conducting tests to ensure the successful operation of the malware bundled with it.

In addition, malware researchers have discovered some elements related to the use of a Silverlight exploit, which is an exploit for Microsoft software. Researchers at Cyphort also report that this is the first time RIG has used this exploit.

Not only does the RIG exploit kit have new exploits to use for a successful infection, but it has also been reported that it changed its communication with servers. Unlike the previous communication methods, which were easier to track down and foresee, malware researchers have detected that the developers of RIG have been testing new and safer methods of communication.

Rig EK Summary

This tendency to develop exploit kits is not limited to Rig. Many malware coders are also attempting to discover new vulnerabilities and bundle them in their kits. The truth is that exploits have become a lucrative business, and their discovery has become crucial, security-wise, both for black hat hackers and for IT companies that want to patch vulnerabilities in their software.


Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated in Marketing as well, Ventsislav also has a passion for discovering new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecurity and is a strong believer in the basic education of every user towards online safety.
