Threats of Exploit Kits | Extol Corporation Sdn Bhd

Threats of Exploit Kits

February 9, 2015 By aatech

People are surprise when they have been infected or rather their computers have become infected. They haven’t clicked a bad link, visited a risky website or install any strange programs. They have done nothing except reading online news or browsing for some online shopping. Yet, the suddenly find that their credit card details have been stolen, data or photos on their computers are being held to ransom or that their Facebook or other social networking accounts have been hacked.The threat of Exploit Kits (see Definition) is a growing nightmare amongst computer users today.Let’s look at Exploit Kits. What are they? Exploit Kits are malicious toolkits. Clusters of criminal code are hidden around the internet, hiding on invincible landing pages (see Definition). When you encounter one, your computer is automatically catalogued. The Exploit Kit will then make a list of software that you have running, such as browsers, PDF readers, Java, Flash Player and whether these have any vulnerabilities. It looks at your computer for known holes or vulnerabilities to exploit.Imagine this: your house has a faulty window that has yet to be fixed; the gate cannot be closed properly; there is a hole in the fence. A would be thief would who intends to break into your house will look at these weaknesses. He will then plan and decide how he can use these weaknesses to his advantage, breaks into your house and takes control of it.And so it is with Exploit Kits. After finding out the vulnerabilities in your computer system, it uses ‘exploit’ code to force this hole wide open. Once the attacker is in your computer, they can install whatever malicious software they want, bypassing many security software programs. You computer is now under the control of this attacker.

Many high-traffic websites are booby-trapped with Exploit Kits. These sites redirect you in the background, without you knowing it. No new browser windows are opened; therefore, you are not alerted that there is something wrong. You may then click on an infected advert displayed on the page itself and be redirected to the Exploit Kit, and you are still unaware of what is happening. If you have vulnerabilities on your computer, it would now be taken over.

What this means is that news sites that you read or the online store that you buy things from are all possible candidates.

Below is an infographic of how Exploit Kits attack.

Exploit Kits

Recommendation

How do you protect yourself from it?

1. Keep your computer up-to-date

Keeping your computer and software up-to-date with the latest patch updates will drastically reduced the chances of any exploits working. Remember, these patches will patch known vulnerabilities.

2. Browser add-ons

Enable or install browser add-ons that can block Flash or disable scripts. (E.g., in Chrome go to Settings and select Extensions)

3. Install Security Software

Having antivirus and anti-malware protection is an effective solution to reducing such risks. Additional software that helps to reduce these attacks is also recommended.

Definition

1. Exploit Kits – a type of malicious toolkit used to exploit security holes found in software applications, such as Adobe reader, for the purpose of spreading malware (malicious software). They carry out automated ‘drive-by’ attacks in order to spread malware. These kits are sold on the black market, where the price could be in the thousands.

2. Landing page – a web page that serves as the entry point for a website or a particular section of a website, which has a”call-to-action” feature. For example, on a webpage, there is an e-book download page with one call-to-action for conversion and with a sole purpose to generate leads through content.

Source

Malwarebytes Unpacked.