Lord Exploit Kit

Lord Exploit Kit Description

High-profile hacking groups often develop new exploit kits, which are heavily weaponized and very threatening. However, some low-skilled, ill-minded actors also attempt to create exploit kits. Unlike the state-of-the-art malware that highly skilled hackers can build, these low-effort exploit kits are almost laughable. For example, some of these so-called exploit kits simply reuse public proof-of-concept (PoC) exploits for popular plugins and software such as Adobe Flash Player or Internet Explorer. The PoC exploit code is embedded in websites, and the only thing left to do is to lure users into visiting the landing page laced with the Lord Exploit Kit.

Attempts to Exploit Adobe Flash Player

The threat actors often rely on shady ad networks to publish what looks like a legitimate advertisement. However, what neither the user nor the ad network's administrators may know is that the page has the Lord Exploit Kit's code embedded in it. The landing page of the Lord Exploit Kit carries the exploitation code, which is meant to gather information about the user visiting the page. It is also able to scan the running processes in an effort to detect any plugins or applications that it may be able to exploit. Currently, the Lord Exploit Kit is fairly limited in its capabilities and can only attempt to take advantage of the CVE-2018-15982 vulnerability, which is found in an outdated version of Adobe Flash Player. In recently spotted campaigns employing the Lord Exploit Kit, it appears that if the attack succeeds, the kit will drop njRAT and the Eris Ransomware.

Although the Lord Exploit Kit is not a top-tier exploit kit, it is still a threat that can cause a lot of headaches. Make sure you download and install an effective anti-virus application, which will keep your system safe from threats like the Lord Exploit Kit.