Like hackers, who adopt newer and more complex attack vectors, exploit kit devs are targeting old and usually forgotten vulnerabilities in software.
A recent analysis of some current exploit kits, including Angler, Rig, and Sundown, revealed that hackers and cyber-attackers are continuously changing their approaches with new crypto mining malware, botnets, and Trojan attacks. However, the hackers are still focusing on forgotten vulnerabilities that should have been fixed a long time ago.
New cyber attacks using old and forgotten vulnerabilities
According to Trend Micro's analysis, Rig is the most used exploit kit. It was developed in 2017 and has been updated more than four times, outperforming other similar packages, which have vanished or been disabled.
Usually, cyber-attackers use vulnerabilities in Internet Explorer or MS Office to deploy crypto mining malware that uses the computing power of the infected computers for the attackers' purposes. They could also steal credentials, banking information, private data, and more.
Palo Alto Networks revealed in June 2018 that exploit kit devs are also targeting old and usually forgotten vulnerabilities in Adobe Flash Player, a piece of software famous for its security flaws, which become gateways for cybercriminals to deploy their exploit kits.
Exploit kit devs target zero-day vulnerabilities which are more common lately
In June this year, a report from Malwarebytes indicated that exploit kit devs are increasingly targeting the growing number of zero-day vulnerabilities in recent software releases. The IT security experts also stated that more 0-day flaws would emerge in upcoming releases.
To protect against cyber attacks that target old and usually forgotten vulnerabilities, as well as zero-day vulnerabilities, security specialists from IBM recommend that software development companies enhance their antivirus protections and adopt better patch-management policies so that their software is regularly updated against possible attacks.