Exploit Kit Popularity is Surging, Check Point Report Says

March 2017 saw a massive uptick in Exploit Kit usage by cybercriminals worldwide, according to a new report from cybersecurity firm Check Point Inc.

According to that report, the most common malware in March were HackerDefender and Rig Exploit Kit in first and second place, each impacting 5% of organizations worldwide, followed by Conficker and Cryptowall, each impacting 4% of organizations worldwide.

Exploit Kits, which are designed to discover and exploit vulnerabilities on machines in order to download and execute further malicious code, have been in decline since a high point in May 2016, following the demise of the leading Angler and Nuclear variants. However, March saw the use of the Rig exploit kit surge up the rankings, becoming the second most-used malware worldwide throughout the month, according to Check Point’s Global Threat Index Report.

First introduced in 2014, Rig EK delivers exploits for Flash, Java, Silverlight, and Internet Explorer. Users are infected with Rig via JavaScript landing pages that check for vulnerable plug-ins and deliver the exploit.

Check Point

Use of the Terror Exploit Kit also in usage in March, coming in as the eleventh most popular malware for the month in Check Point’s report. Terror was first detected at the start of December 2016, and contained eight different operational exploits.

According to Check Point’s research,  March 2017’s Top 10 ‘Most Wanted’ Malware were:

1. HackerDefender
2. Rig EK
3. Conficker
4. Cryptowall
5. Zeus
6. Pykspa
7. Nivdort
8. Hancitor
9. Sality
10. Necurs