Capesand Exploit Kit

Capesand Exploit Kit Description

Malware researchers have spotted a new EK (Exploit Kit) circulating the Internet. Its name is the Capesand Exploit Kit, and it was first uncovered in October 2019. After studying the Capesand Exploit Kit, cybersecurity experts believe that the creators of this EK likely lack experience as most of the code appear to be borrowed from already existing hacking tools whose code is available publicly. The Capesand Exploit Kit is a project in progress as it would seem that its creators have not yet finished developing it. Among the people who are utilizing the Capesand Exploit Kit is a hacking group that is known to have used the RIG Exploit Kit previously. It is likely that they have decided to switch to the Capesand Exploit Kit as it is brand-new, and its developers are launching updates constantly. The creators of the Capesand Exploit Kit also add new exploits regularly, which the threat can utilize in its campaigns.

Exploits Vulnerabilities and Plants DarkRAT and njRAT

The Capesand Exploit Kit has been programmed to target vulnerabilities in the Internet Explorer Web browser, as well as in the Adobe Flash software suite. So far, the Capesand Exploit Kit attempts to exploit the following vulnerabilities found in the Internet Explorer browser:

  • CVE-2019-0752
  • CVE-2018-15982
  • CVE-2015-2419

In regards to vulnerabilities linked to the Adobe Flash application, the Capesand Exploit Kit looks for the following vulnerabilities:

  • CVE-2018-4878
  • CVE-2018-15982

Instead of carrying an unsafe payload, the Capesand Exploit Kit fetches it from a C&C (Command & Control) server, which is hosting the payloads of the additional malware. As soon as the Capesand Exploit Kit detects a vulnerability it can exploit, it will establish a connection with the C&C server and grab the payload, which will then be planted on the compromised host. So far, the Capesand Exploit Kit has been spotted planting two hacking tools on its victims' systems – the DarkRAT (Remote Access Trojan) and the njRAT.

Threats like the Capesand Exploit Kit rely on users who do not update their applications. This is why it is crucial to keep all your software up to date. Furthermore, you should look into obtaining a reputable anti-malware solution, which will make sure you do not fall victim to a threat like the Capesand Exploit Kit.

Do You Suspect Your PC May Be Infected with Capesand Exploit Kit & Other Threats? Scan Your PC with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Capesand Exploit Kit as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Note: SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. Free Remover allows you to run a one-off scan and receive, subject to a 48-hour waiting period, one remediation and removal. Free Remover subject to promotional details and Special Promotion Terms. To understand our policies, please also review our EULA, Privacy Policy and Threat Assessment Criteria. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
If you still can't install SpyHunter? View other possible causes of installation issues.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.