September 29, 2016
The exploit kit landscape is changing and according to multiple sources, activity from the Neutrino exploit kit service si waning, with the RIG crew moving in to take its place.
The latest security firm to add its voice to this conclusion is Malwarebytes, after previous reports from Heimdal Security, who spotted an increase in RIG activity, and Cisco Talos, who helped bring down a massive malvertising campaign that used the Neutrino exploit kit, leaving a huge gap for RIG to fill.
“Following the demise of the Angler exploit kit in June, Neutrino EK assumed the lead position by having the top malware and malvertising campaigns defaulted to it,” Jerome Segura of Malwarebytes noted. “But since then, there have been several shake ups, and an underdog in the name of RIG EK replaced Neutrino EK on several high volume attacks from compromised websites.”