Criminals increasingly using malvertising to direct victims to exploit kits

Once popular exploit kit redirection campaigns see a significant decline as redirection through malvertising increases

The exploit kit scene these days strongly resembles a sinking ship—with very few survivors, struggling to keep themselves afloat. The shutdown of high-profile players such as Angler and Nuclear, as well as other popular kits like Magnitude opting for a private distribution model where only select clients are allowed access, has meant that the exploit kit landscape’s struggle for a fresh lease of life and variety continues.

Even as exploit kits continue with their struggle for resurgence, one aspect that has remained constant throughout has been the use of popular and effective redirection mechanisms to redirect unsuspecting users to exploit kit servers, with two of the most popular being the pseudo-Darkleech and EITest campaigns. But how have these campaigns fared with the recent changes in the exploit kit landscape?

Read full news article on Symantec