Malwarebytes has recently released a report that show a campaign is being carried out using the Fallout exploit kit to distribute Racoon Stealer using popular adult websites.
This cyber attack was made known to the ad network and the malicious advert was taken down. However, it was soon replaced with an advert bringing visitors to a site hosting the Rig exploit kit. Following this a separate campaign was discovered where another threat, renowned for targeting various adult ad networks. The malicious adverts were served via a wide range of different adult websites, including one of the most popular adult websites that boasts more than 1 billion page views monthly.
The threat actor had filed bids for users of Internet Explorer only, as the exploit kit included an exploit for an unpatched IE flaw. The flaw exploited were CVE-2019-0752 and CVE-2018-15982, the former is an IE vulnerability and the latter is a vulnerability in Adobe Flash Player. In this campaign, Smoke Loader malware was shared, along with Racoon Stealer and ZLoader.
For an exploit kit to be effective, a computer must have an unpatched flaw, an exploit for which must be included in the EK. Prompt patching is almost always one of the most effective methods for ensuring that these attacks are not successful. It is important to stop using Internet Explorer and Flash Player. Vulnerabilities in each are frequently attacked.
These campaigns can also be simply prevented by using a web filter. Unless your business is working in the adult entertainment sector, access to adult content on work devices should be prevented. A web filter permits your business to block access to all adult websites, and other categories of web content that employees should not be accessing in the office.
A cloud-based web filter such as WebTitan is cost effective option to address this that can safeguard against a web-borne attacks such as exploit kits and drive-by malware downloads, while also helping companies to improve productivity by stopping staff members from viewing websites that have no work purpose. Web filters can also reduce legal liability by preventing employees from participating in illegal online activities, such as copyright infringing file installations.
Once configured – a quick process – access to specific categories of website can be blocked with the click of a mouse and staff will be stopped from viewing websites known to host malware, phishing kits, and other potentially dangerous malicious websites.
For more details on WebTitan and protecting your company from web-based attacks contact TitanHQ now.