RIG

RIG 3 - RIG-v - RIG 4 - Meadgive - Status: Active

References:
  • RIG Exploit Pack - 2014-05-12 - Kahu Security - darryl RIG Infinity
  • RIG Exploit Kit – Diving Deeper into the Infrastructure - 2015-02-23 - SpiderLabs - SpiderLabs Research RIG
  • RIG Reloaded - Examining the Architecture of RIG Exploit Kit 3.0 - 2015-08-03 - SpiderLabs - SpiderLabs Research RIG
  • RIG evolves, Neutrino waves goodbye, Empire Pack appears - 2016-10-22 - MDNC - Kafeine RIG Empire Neutrino Angler Nuclear Sutra BlackHole

More Reading:
  • CVE-2014-0569 (Flash Player) integrating Exploit Kit - 2014-10-21 - MDNC - Kafeine CVE-2014-0569 Chthonic Fiesta Angler Astrum Sweet Orange FlashPack RIG Magnitude KovCoreG Kovter
  • RIG exploit kit takes on large malvertising campaign - 2016-09-27 - Malwarebytes - Jérôme Segura GooNky RIG
  • The HookAds malvertising campaign - 2016-11-01 - Malwarebytes - Jérôme Segura Ebates RIG
  • Exposing EITest campaign - 2017-01-30 - Brillantit EITest RIG Cerber Madness
  • RIG EK at 92.53.105.43 Drops ASN1 Ransomware - 2017-03-02 - Malware Breakdown - malwarebreakdown Ebates RIG ASN1
  • ProMediads Malvertising and Sundown-Pirate Exploit Kit Combo Drops Ransomware and Info Stealer - 2017-07-19 - Trend Micro - Joseph C. Chen Sundown-P RIG CVE-2014-6332 CVE-2015-7645
  • CVE-2018-4878 (Flash Player up to 28.0.0.137) and Exploit Kits - 2018-03-09 - MDNC - Kafeine CVE-2018-4878 WordsJS GreenFlash Sundown Magnitude RIG Fallout Hermes
  • CVE-2018-8174 (VBScript Engine) and Exploit Kits - 2018-05-25 - MDNC - Kafeine CVE-2018-8174 RIG Magnitude GrandSoft Fallout Kaixin Hunter GreenFlash Sundown Smokebot
  • Kronos Reborn - 2018-07-24 - Proofpoint - Proofpoint Staff Osiris RIG
  • Ransomware as a Service Princess Evolution Looking for Affiliates - 2018-09-09 - Trend Micro - Joseph C. Chen Princess Evolution RIG
  • New KPOT v2.0 stealer brings zero persistence and in-memory features to silently steal credentials - 2019-05-09 - Proofpoint - Dennis Schwarz - Proofpoint Staff KPOT Fallout RIG
  • Rig Exploit Kit sends Pitou.B Trojan - 2019-06-25 - SANS ISC - Brad Duncan RIG Pitou Bikarys Keitaro
  • Latest #Phorpiex activity.[...] New custom file structure for inbound payloads. - 2019-07-29 - Twitter - Sev RIG
  • SystemBC is like Christmas in July for SOCKS5 Malware and Exploit Kits - 2019-08-01 - Proofpoint - Kade Karmon - Kafeine - Dennis Schwarz - Proofpoint Staff SystemBC Fallout RIG Danabot PowerEnum
  • Exploit kits: fall 2019 review - 2019-11-19 - Malwarebytes - Jérôme Segura Fallout Underminer Magnitude Spelevo RIG GrandSoft Kaixin