In part one of “Rise of the Exploit Kit,” I explained what exploit kits are and why they are so dangerous. This new form of malware isn't what we would consider a legacy virus. It works differently and therefore usually isn't detected by anti-virus suites. In this article, I will give you tips on how to protect yourself from this dangerous drive-by code.
When you visit a high-traffic site like The Weather Channel or MSN, there are ads that run within the page you are visiting. Exploit kits hide in those ads and silently redirect users to a hidden landing page where their system is scanned. What is the exploit kit (EK) looking for? It wants to know what kind of security your system has. Is it up to date? Do you have vulnerable software like Internet Explorer or Adobe Flash? It searches for any and all security holes your system may have.
It then takes the information it has gathered and decides which malware to deliver to your system. Everything else is downhill from there.
Some have described the EK as being the weapon that delivers the damaging ammo to a system. One of the more recent attacks we have seen is the hiding of the Angler EK in fake social button widgets. Website owners who use these compromised or fake widgets unknowingly place an infection point right on their site. Visitors who click on the compromised social “like” button are secretly redirected to a landing page where their system is scanned and infected.
Some of the most vulnerable software includes the following: Internet Explorer, Adobe Flash, Silverlight, Adobe Reader, and Java. Think of how many of you have one or more of these programs currently on your computer. What is a person to do?
Here are some tips to start with:
It's no longer enough to stay away from shady websites or free downloads. You now need to be vigilant about what your system is doing behind the scenes. The only way to be sure is to install and maintain quality anti-virus and anti-malware protection. Right now the only strong anti-exploit software that I can recommend is Malwarebytes Anti-Exploit. You can try it out with their free trial. After that, it is $25 per year, which is well worth it for some peace of mind.
In December, Malwarebytes announced the launch of their next-generation product, Malwarebytes 3.0. This is a combination of their Anti-Malware, Anti-Exploit, Anti-Ransomware, Website Protection, and Remediation technologies all in one service. With this new product, you can replace your traditional antivirus. However, if you choose to use a third-party antivirus alongside Malwarebytes 3.0, they will complement each other.
If you are already a customer of Malwarebytes, you will be upgraded for free to the new product.