#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Search results for exploit kit | Breaking Cybersecurity News | The Hacker News

Phoenix exploit kit 2.5 leaked, Download Now !

Phoenix exploit kit 2.5 leaked, Download Now !

Apr 15, 2011
Phoenix exploit kit 2.5 leaked, Download Now ! Phoenix exploit kit 2.5 has been leaked . Now U can dowload from given link..  At below here is a some define about Phoenix Exploit Kit. The Phoenix Exploit Kit is a good example of exploit packs used to exploit vulnerable software on the computers of unsuspecting Internet users. Often, cybercriminals drive traffic to the exploit kit by compromising legitimate sites and by inserting iframes that point to the exploit kit or by poisoning search engine results that take users to the exploit kit. When users land on a page injected with the exploit kit, it detects the user's Web browser and OS version then attempts to exploit either the browser or a browser plug-in. The latest version of the Phoenix Exploit Kit currently has payloads for nine different system configurations, including:     * XPIE7: Internet Explorer 7 and either Windows XP, Windows XP SP2, or Windows 2003     * VISTAIE7: Internet Explorer 7 and Windows Vista     *
Angler Exploit Kit Uses Domain Shadowing technique to Evade Detection

Angler Exploit Kit Uses Domain Shadowing technique to Evade Detection

Mar 05, 2015
The world's infamous Angler Exploit Kit has become the most advanced, much more powerful and the best exploit kit available in the market, beating the infamous BlackHole exploit kit , with a host of exploits including zero-days and a new technique added to it. Angler Exploit Kit's newest technique is dubbed "Domain Shadowing" which is considered to be the next evolution of online crime. Domain Shadowing, first appeared in 2011, is the process of using users domain registration logins to create subdomains. WHAT IS DOMAIN SHADOWING ? With the help of Domain Shadowing technique used in a recent Angler campaign, attackers are stealing domain registrant credentials to create tens of thousands of sub-domains that are used in hit-and-run style attacks in order to either redirect victims to the attack sites, or serve them malicious payloads. Security researcher Nick Biasini of Cisco's Talos intelligence team analysed the campaign and said the "massive&qu
Cybersecurity Tactics FinServ Institutions Can Bank On in 2024

Cybersecurity Tactics FinServ Institutions Can Bank On in 2024

Feb 14, 2024Financial Security / Cyber Threats
The landscape of cybersecurity in financial services is undergoing a rapid transformation. Cybercriminals are exploiting advanced technologies and methodologies, making traditional security measures obsolete. The challenges are compounded for community banks that must safeguard sensitive financial data against the same level of sophisticated threats as larger institutions, but often with more limited resources. The FinServ Threat Landscape Recent trends show an alarming increase in sophisticated cyber-attacks. Cybercriminals now deploy advanced techniques like deep fake technology and AI-powered attacks, making it increasingly difficult for banks to differentiate between legitimate and malicious activities. These developments necessitate a shift towards more sophisticated and adaptive cybersecurity measures. Take these industry statistics, for example. Financial firms report 703 cyberattack attempts per week.1 On average, 270 attacks (entailing unauthorized access of data, appl
BlackHole Exploit Kit 1.0.2 - Download !

BlackHole Exploit Kit 1.0.2 - Download !

May 23, 2011
BlackHole Exploit Kit 1.0.2 - Download ! First Public Release of  BlackHole Exploit Kit . BlackHole exploit kit is yet another in an ongoing wave of attack toolkits flooding the underground market. The kit first appeared on the crimeware market in September of 2010 and ever since then has quickly been gaining market share over its vast number of competitors. In fact, many antivirus vendors now claim that this is one of the most prevalent exploit kits used in the wild. Even Malware Domain List is showing quite a few domains infected with the BlackHole exploit kit. Black Market Cost : Users can purchase the annual license for $1500, semi-annual license for $1000, or just a quarterly license for $700. The license includes free software updates for the duration of the contract. For those malicious users with a commitment phobia the makers of the kit offer yet another solution. You can rent the kit (on the author's servers) for $50 for 24 hours, $200 for 1 week, $300 for 2 weeks, $
cyber security

The Critical State of AI in the Cloud

websiteWiz.ioArtificial Intelligence / Cloud Security
Wiz Research reveals the explosive growth of AI adoption and what 150,000+ cloud accounts revealed about the AI surge.
Researchers Share New Insights Into RIG Exploit Kit Malware's Operations

Researchers Share New Insights Into RIG Exploit Kit Malware's Operations

Feb 27, 2023 Threat Intelligence
The RIG exploit kit (EK) touched an all-time high successful exploitation rate of nearly 30% in 2022, new findings reveal. "RIG EK is a financially-motivated program that has been active since 2014," Swiss cybersecurity company PRODAFT  said  in an exhaustive report shared with The Hacker News. "Although it has yet to substantially change its exploits in its more recent activity, the type and version of the malware they distribute constantly change. The frequency of updating samples ranges from weekly to daily updates." Exploit kits are programs used to distribute malware to large numbers of victims by taking advantage of known security flaws in commonly-used software such as web browsers. The fact that  RIG EK  runs as a service model means threat actors can financially compensate the RIG EK administrator for installing malware of their choice on victim machines. The RIG EK operators primarily employ malvertising to ensure a high infection rate and large-scale
Hackers are using Nuclear Exploit Kit to Spread Cryptowall 4.0 Ransomware

Hackers are using Nuclear Exploit Kit to Spread Cryptowall 4.0 Ransomware

Nov 26, 2015
Beware Internet Users! Cryptowall 4.0 – the newest version of the world's worst Ransomware – has surfaced in the Nuclear exploit kit , one of the most potent exploit kits available in the underground market for hacking into computers. Ransomware threat has emerged as one of the biggest threats to internet users in recent times. Typically, a Ransomware malware encrypts all files on victim's computer with a strong cryptographic algorithm, then demand a ransom to be paid in Bitcoin (range between $200 and $10,000). Cryptowall is currently among the most widespread and sophisticated family of Ransomware backed by a very robust back-end infrastructure. Also Read: Anyone can Now Create their Own Ransomware using This Hacking ToolKit The recent report dated back to last month suggested that the authors of Cryptowall 3.0 ransomware virus have managed to raise more than $325 Million in revenue in the past year alone. With the debut of Cryptowall 4.0 at the beg
jQuery Official Website Compromised To Serve Malware

jQuery Official Website Compromised To Serve Malware

Sep 24, 2014
The official website of the popular cross-platform JavaScript library jQuery (jquery.com) has been compromised and redirecting its visitors to a third-party website hosting the RIG exploit kit , in order to distribute information-stealing malware. JQuery is a free and open source JavaScript library designed to simplify the client-side scripting of HTML. It is used to build AJAX applications and other dynamic content easily. The popular JavaScript library is used by 30 percent of websites, including 70 percent of the top 10,000 most visited websites. James Pleger , Director of Research at Risk management software company RiskIQ , reported yesterday that the attack against jQuery.com web servers launched for a short period of time on the afternoon of September 18th. So, the users who visited the website on September 18th may have infected their system with data-stealing malware by redirecting users to the website hosting RIG. Pleger urged those who visited the site durin
Unknown Exploit Kit (Crimeware) leaked, Available for Download !

Unknown Exploit Kit (Crimeware) leaked, Available for Download !

May 21, 2011
Unknown Exploit Kit  (Crimeware) leaked, Available for Download ! Another New Exploit kit is now in Black Market called Unknown Exploit Kit or Mushroom Exploit Kit  . After The Public Release of Source code of ZeuS Botnet Version : 2.0.8.9 , THN also provide  Crimepack 3.1.3 Exploit kit &   26 more Underground Hacking Exploit Kits  for Download and Research. Now  1st Public Release of Spanish version of   Unknown Exploit Kit is here... This kit offers the following exploits: MDAC, SpreadSheet, SnapShot, Aurora, CSSClip, IEPeers, PDF LibTiff, PDF GetIcon, PDF CollectEmail, JAVA, Shockwave, and AOL. Screenshots : Download Links : https://www.multiupload.com/6U6T4MB7SD Note : The Public Release of these kits are only for Educational and Research Purpose Only. May this help Antivirus and Security Companies to Analyse and develop advance Security wares. Thanks.
Netflix Users Targeted by Microsoft Silverlight Exploits

Netflix Users Targeted by Microsoft Silverlight Exploits

May 21, 2014
Netflix, the world's largest Internet Video Subscription service with more than 35.7 million customers in U.S alone, that runs on the Microsoft Silverlight platform, has now become a popular target for cybercriminals, as public awareness of Java and Flash flaws is increasing. Silverlight is a Microsoft's plug-in for streaming media on browsers, similar to Adobe Flash Player , that handles multimedia contents on Microsoft Windows and Mac OS X Web Browsers, and is popularly known for being used in Netflix's streaming video service. But, Netflix isn't the only service that works on Silverlight, many other multimedia services supports Silverlight. Malware and Exploit Kit developers are targeting Silverlight users as they aren't aware of the increasing proliferation of malware for the platform. Silverlight vulnerabilities are mostly exploited using drive-by download attacks to compromise victim's computers with malware, especially through malicious ads. A recent
RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer

RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer

Jun 22, 2022
The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that commenced in January 2022. The switch in modus operandi,  spotted  by Romanian company Bitdefender, comes in the wake of Raccoon Stealer  temporarily closing the project  after one of its team members responsible for critical operations passed away in the Russo-Ukrainian war in March 2022. The Rig Exploit Kit is notable for its abuse of browser exploits to distribute an array of malware. First spotted in 2019, Raccoon Stealer is a credential-stealing trojan that's advertised and sold on underground forums as a malware-as-a-service (MaaS) for $200 a month. That said, the Raccoon Stealer actors are already working on a second version that's expected to be "rewritten from scratch and optimized." But the void left by the malware's exit is being filled by other information stealers such as RedLine Stealer and Vidar.
Hunting Russian malware author behind Phoenix Exploit Kit

Hunting Russian malware author behind Phoenix Exploit Kit

Apr 08, 2013
Exploit kits are one of the dangerous cyber crime tool, where The Phoenix Exploit Kit is a good example of exploit packs used to exploit vulnerable software on the computers of unsuspecting Internet users. The Phoenix Exploit Kit is available for a base price of $2,200 in underground market by its malware author or developer.  Like other exploit kits , Phoenix also developed to exploit browser-based  vulnerabilities in outdated and insecure versions of browser plugins like Java, and Adobe Flash and Reader. Developer of Phoenix is known by nickname AlexUdakov on several forums. According to new investigation report published by  krebsonsecurity , AlexUdakov was also member of a forum called Darkode , whose administrator accounts were compromised few weeks before and that the intruders were able to gain access to private communications of the administrators.  Intruders was able to view full profiles and database of Darkode members, as well as the private email addres
Hacking Millions with Just an Image — Recipe: Pixels, Ads & Exploit Kit

Hacking Millions with Just an Image — Recipe: Pixels, Ads & Exploit Kit

Dec 07, 2016
If you have visited any popular mainstream website over the past two months, your computer may have been infected — Thanks to a new exploit kit discovered by security researchers. Researchers from antivirus provider ESET released a report on Tuesday stating that they have discovered an exploit kit, dubbed Stegano , hiding malicious code in the pixels of banner advertisements that are currently in rotation on several high profile news websites. Stegano originally dates back to 2014, but since early October this year, cyber crooks had managed to get the malicious ads displayed on a variety of unnamed reputable news websites, each with Millions of daily visitors. Stegano derived from the word Steganography , which is a technique of hiding messages and content inside a digital graphic image, making the content impossible to spot with the naked eye. In this particular malvertising campaign, operators hide malicious code inside transparent PNG image's Alpha Channel, which def
Phoenix Exploit’s Kit 2.8 mini version

Phoenix Exploit's Kit 2.8 mini version

Oct 12, 2011
Phoenix Exploit's Kit 2.8 mini version Back in April of this year, we reported the leak of  Phoenix Exploit Kit 2.5 .  The version currently in circulation is 2.8, and despite its lower activity for the last half of this year, it remains one of the preferred exploit packs used by cyber-criminals. In comparison to the Black Hole Exploit Pack, the PEK has a similar licensing model.  The last version released offered an "alternative" to purchasing the exploit pack.  This "alternative" is the Phoenix Exploit's Kit 2.8 mini. The current licensing model consists of the following: ·           Simple Domain (Closed) – USD $2,200.00 ·           Multithreaded Domain (Closed) – USD $2,700.00 ·           Extra-Encryption Service (ReFUDing) – USD $40.00 The mini version does not change the characteristics of the Exploit Pack, at least in regards to its graphical interface and functionality in relation to previous versions.  Each section has the same type of display and statistical inform
DNSChanger Malware is Back! Hijacking Routers to Target Every Connected Device

DNSChanger Malware is Back! Hijacking Routers to Target Every Connected Device

Dec 17, 2016
Next time when you see an advertisement of your favorite pair of shoes on any website, even if it is legitimate, just DO NOT CLICK ON IT. …Because that advertising could infect you in such a way that not just your system, but every device connected to your network would get affected. A few days ago, we reported about a new exploit kit, dubbed Stegano , that hides malicious code in the pixels of banner advertisements rotating on several high profile news websites. Now, researchers have discovered that attackers are targeting online users with an exploit kit called DNSChanger that is being distributed via advertisements that hide malicious code in image data. Remember DNSChanger? Yes, the same malware that infected millions of computers across the world in 2012. DNSChanger works by changing DNS server entries in infected computers to point to malicious servers under the control of the attackers, rather than the DNS servers provided by any ISP or organization. So, wheneve
Yahoo Ad Network abused to redirect users to malicious websites serving Magnitude Exploit Kit

Yahoo Ad Network abused to redirect users to malicious websites serving Magnitude Exploit Kit

Jan 05, 2014
Internet advertisement networks provide hackers with an effective venue for targeting wide range computers through malicious advertisements. Previously it was reported by some security researchers that Yahoo's online advertising Network is one of the top ad networks were being abused to spread malware by cyber criminals . Recent report published by Fox-IT, Hackers are using Yahoo's advertising servers to distribute malware to hundreds of thousands of users since late last month that affecting thousands of users in various countries. " Clients visiting yahoo.com received advertisements served by ads.yahoo.com. Some of the advertisements are malicious ," the firm reported . More than 300,000 users per hour were being redirected to malicious websites serving 'Magnitude Exploit Kit', that exploits vulnerabilities in Java and installs a variety of different malware i.e. ZeuS Andromeda Dorkbot/Ngrbot Advertisement clicking malware Tinba/Zusy Necurs "
ALERT: This New Ransomware Steals Passwords Before Encrypting Files

ALERT: This New Ransomware Steals Passwords Before Encrypting Files

Dec 04, 2015
You should be very careful while visiting websites on the Internet because you could be hit by a new upgrade to the World's worst Exploit Kit – Angler , which lets hackers develop and conduct their own drive-by attacks on visitors' computers with relative ease. Many poorly-secured websites are targeting Windows users with a new "Cocktail" of malware that steals users' passwords before locking them out from their machines for ransom. Yes, stealing Windows users' passwords before encrypting their data and locking their PCs for ransom makes this upgrade to the Angler Exploit Kit nastier. Here's How the New Threat Works: Once the Angler exploit kit finds a vulnerable application, such as Adobe Flash, in visitor's computer, the kit delivers its malicious payloads, according to a blog post published by Heimdal Security. The First Payload infects the victim's PC with a widely used data thief exploit known as Pony that systematic
RedKit Exploit Kit : New web malware exploitation pack

RedKit Exploit Kit : New web malware exploitation pack

May 05, 2012
RedKit Exploit Kit : New web malware exploitation pack Trustwave researchers have spotted a new exploit kit called " RedKit Exploit Kit " that  being used in the wild is aiming to enter a market that is practically monopolized by the widely famous BlackHole and Phoenix exploit kits. In actual, The new kit has no official name, so the researchers dubbed it ' Redkit ' due to the red bordering used in the application's panel. " Logging to the admin panel presents you with options which are typically used by other exploit kits. The panel allows you to check the statistics for incoming traffic, upload a payload executable and even scan this payload with no less than 37 different AV's ," Trustwave reports . To deliver the malware, RedKit exploits two popular bugs: 1.)  The Adobe Acrobat and Reader LibTIFF vulnerability ( CVE-2010-0188 ). 2.)  The Java AtomicReferenceArray vulnerability ( CVE-2012-0507 ), lately used by the criminals behind the massive Fl
New RIG Exploit Kit Campaign Infecting Victims' PCs with RedLine Stealer

New RIG Exploit Kit Campaign Infecting Victims' PCs with RedLine Stealer

Apr 28, 2022
A new campaign leveraging an exploit kit has been observed abusing an Internet Explorer flaw patched by Microsoft last year to deliver the RedLine Stealer trojan. "When executed, RedLine Stealer performs recon against the target system (including username, hardware, browsers installed, anti-virus software) and then exfiltrates data (including passwords, saved credit cards, crypto wallets, VPN logins) to a remote command and control server," Bitdefender  said  in a new report shared with The Hacker News. Most of the infections are located in Brazil and Germany, followed by the U.S., Egypt, Canada, China, and Poland, among others. Exploit kits or exploit packs are comprehensive tools that contain a collection of exploits designed to take advantage of vulnerabilities in commonly-used software by scanning infected systems for different kinds of flaws and deploying additional malware. The primary infection method used by attackers to distribute exploit kits, in this case the
Cybersecurity Resources