Newest RIG exploit kit driven by malicious advertising
LAS VEGAS – Earlier this year, a disgruntled reseller leaked the source code for version 2.0 of the RIG exploit kit.
Since then, the RIG’s author has released version 3.0, which was recently discovered by researchers from Trustwave. The latest version uses malvertising in order to deliver a majority of its traffic, infecting some 1.25 million systems to date.
There have been a few notable changes made to RIG between versions, including a cleaner control panel that’s easier to navigate, changes to the URL structure used by the kit that helps it avoid detection, and a security structure that prevents unauthenticated users from accessing internal files – clearly implemented to avoid leaks such as the one that exposed the source code for the previous version.