Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label RIG. Show all posts

Enterprise Users Still at Risk: RIG Exploit Kit Continues to Infect via Internet Explorer

 

The RIG Exploit Kit, a well-known and long-running exploit kit, is experiencing a significant increase in its success rate. The RIG Exploit Kit is a tool used by bad actors to break into computer systems. 

It is now attempting to breach approximately 2,000 systems daily and succeeding in about 30% of those attempts, the highest rate it has achieved to date. This success rate has increased from 22% after the kit resurfaced with two new exploits. 

The RIG exploit kit is a malicious tool that hackers use to spread malware on vulnerable devices. It takes advantage of vulnerabilities in old versions of Internet Explorer and is being used to spread harmful software like Dridex, SmokeLoader, and RaccoonStealer. 

It works by embedding malicious scripts into compromised or malicious websites, which then infect a user's device when they visit the site. 

Prodaft, a cybersecurity research firm recently published a detailed report revealing that the RIG Exploit Kit continues to pose a significant and widespread threat to both individuals and organizations. The report suggests that despite its age, the kit remains a potent and viable threat, and users should take appropriate measures to protect themselves against it. 

Experts further added that they have looked into the RIG Exploit Kit and found that it is still a major threat to regular people and businesses. According to the data, RIG was first released in 2014 and suffered a setback in 2017 after a coordinated takedown action. It returned in 2019 and became focused on ransomware distribution. 

In 2021, RIG's owner announced the service would shut down, but it returned in 2022 with two brand-new exploits. Despite Internet Explorer being replaced by Microsoft Edge, RIG is still a significant threat to Enterprise devices, said experts. 

According to a heatmap report that was published recently, it shows that the most targeted countries by the exploit kit are Germany, France, Italy, Russia, Turkey, Egypt, Saudi Arabia, Algeria, Mexico, and Brazil. However, the data indicates that victims of the exploit kit can be found all over the world. 

Furthermore, the study shows that out of a group of computer vulnerabilities, the one called CVE-2021-26411 was the most successful, with a 45% success rate. The next most successful was CVE-2016-0189 with a 29% success rate and CVE-2019-0752 with a 10% success rate. 

In March 2021, Microsoft fixed a problem in Internet Explorer called CVE-2021-26411. It could cause a serious problem with the way the computer remembers things, but only if you visited a certain type of website. 

There are two other problems in Internet Explorer, called CVE-2016-0189 and CVE-2019-0752. These problems could let someone control your computer from far away. In February 2022, CISA warned that people were still using CVE-2019-0752 to control computers and that computer administrators should update their security to stop it.