RigEK activity

Good News: Ransomware declines Bad News: Coinminers increase

RigEK activity

An article over at Bleeping Computer gives very good insight into the use of exploit kits. It seems that cybercriminals have started to move away from exploit kits that spread ransomware in favor of spreading cryptocurrency miners and information-stealing trojans.

The exploit kit landscape has continued its downfall started in the summer of 2016 and its leading player —the RIG exploit kit— has stopped delivering any ransomware strains in 2018, focusing now on spreading cryptocurrency miners (coinminers) and information-stealing trojans (infostealers).

Palo Alto Network security researcher Brad Duncan gives his take on why exploit kits are declining.

Duncan says various reasons contributed to RIG and the EK landscape’s downfall, such as modern browsers getting harder to hack, Flash use going down after major browsers switched to an HTML5-first policy, and several coordinated takedowns aimed at EK operations.

An important item to note, the downward trend of exploit kits doesn’t mean the end of ransomware. New services that facilitate Ransomware as a Service are continuing to pop-up. These well coded, easy to use services will make ransomware a continued pain to businesses and individuals.

badge w light burst white (1)
Exclusively for Our MSP Partners

Now Available: Gen AI Certification From BSN

Lead Strategic AI Conversations with Confidence

Breach Secure Now’s Generative AI Certification helps MSPs simplify the AI conversation, enabling clients to unlock the value of gen AI for their business, build trust, and drive growth – positioning you as a leader in the AI space.

More on blogs

Phishing Tests Aren’t Enough: Why Remediation Is the Missing Link in Security Awareness

Phishing simulations show who clicks, but without follow-up, they rarely change behavior. Phishing remediation closes the gap by turning failures into learning opportunities, reinforcing training

Why Continuous Training Beats One-and-Done Cyber Awareness

Cyber threats evolve constantly, which means annual cybersecurity training is not enough to keep employees prepared. Learn how continuous training, phishing simulations, remediation, and short

The AI Boomerang Effect: Why Companies (and AI) Still Need Employees

The AI Boomerang trend is proving that AI does not eliminate the need for skilled employees. Instead, organizations need people who know how to use
Take the First Step

Experience Training That Makes a Difference

during the demo you’ll:

Take the First Step

Experience Training That Makes a Difference

During the demo you’ll: