Exploit kits bounce back in March

Published on: 24 Apr 2017

March saw a massive uplift in cyber criminals using exploit kits, according to Check Point Software Technologies’ monthly report on IT threats.

Exploit kits discover and take advantage of vulnerabilities on machines to download and execute malicious code and their usage has been in decline since May 2016.

However, according to Check Point’s Global Threat Impact Index, they bounced back in March as Rig EK - which exploits Flash Java, Silverlight and IE to deliver ransomware and trojans - became the second most-used malware worldwide.

The number one malware variant for March though was HackerDefender, which hides files and implements a backdoor redirector so that a hidden backdoor can’t be found through traditional means.

Both HackerDefender and Rig EK impacted five per cent of organisations worldwide, followed by Conficker and Cryptowall, with four per cent each.

In terms of mobile malware, March’s biggest hitters were the Android-targeting Hiddad and Hummingbad, as well as the Ztorg trojan.

“The dramatic resurgence of exploit kits in March illustrates that older threats don’t disappear forever - they simply go dormant and can be quickly redeployed,” read a statement from Check Point - the world’s largest network cyber security vendor.

“It is always easier for malicious hackers to revisit and amend existing malware families and threat types rather than develop brand new ones.”