
RedKit Exploit Kit

By ESGI Advisor in Malware

The RedKit Exploit Kit is a dangerous hacking tool that is used to attack computer users who visit a website hosting this threat. Computer users are typically directed to malicious websites using the RedKit Exploit Kit by browser hijackers or by malicious JavaScript Trojans that create a hidden browser window when the victim visits a compromised website. The RedKit Exploit Kit can be used to distribute various kinds of malware and, like most exploit kits, is designed to take advantage of known vulnerabilities on the victim's computer. ESG security researchers have observed that the RedKit Exploit Kit is used to distribute variants of the Citadel and Zeus families of malware, well-known banking Trojans that are used to steal credit card and online banking credentials from unsuspecting victims.

The Black Hole Exploit Kit is the most common exploit kit on the market by far. However, several newer exploit kits are attempting to dethrone this undisputed king of exploit kits. First observed in April of 2012, the RedKit Exploit Kit has a specific feature that allows it to generate new URLs for attack websites every hour, making it particularly difficult for PC security researchers and anti-malware software to track and block. The RedKit Exploit Kit also allows criminals to test their own malware to see how it measures up against the most popular anti-malware software on the market. A criminal can use the RedKit Exploit Kit to test a malware infection's executable file to see if it is capable of bypassing up to forty different popular anti-virus applications.

Typical Vulnerabilities Exploited by the RedKit Exploit Kit

The RedKit Exploit Kit attempts to take advantage of two vulnerabilities that have been used to distribute Trojans: one in Adobe Reader that allows a malicious PDF file to infect the victim's computer with malware, and one in Java. These two vulnerabilities, labeled CVE-2010-0188 and CVE-2012-0507, have been patched by the makers of these platforms. However, it is important to note that the RedKit Exploit Kit can be updated to include new exploits as they are uncovered. Since the RedKit Exploit Kit attempts to exploit multiple known vulnerabilities simultaneously, it is highly likely that computer users with out-of-date software on their computers will become infected after being exposed to it.
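Since both vulnerabilities are patched, exposure comes down to installed versions. The following is an added example, not part of the original article: a check of a software inventory against the first fixed releases for the two CVEs. The version thresholds are taken from the Adobe and Oracle advisories rather than from this page, and the host names and inventory rows are constructed.

```python
import re

# First fixed release per major branch. Assumption: values come from the vendor
# advisories (Adobe Reader 8.2.1 / 9.3.1, Java SE 6 Update 31 / 7 Update 3).
FIXED = {
    "CVE-2010-0188": ("adobe reader", {8: (8, 2, 1), 9: (9, 3, 1)}),
    "CVE-2012-0507": ("java", {6: (6, 0, 31), 7: (7, 0, 3)}),
}

def parse_version(product, raw):
    """Normalize a version string to a 3-tuple, e.g. Java '1.6.0_30' -> (6, 0, 30)."""
    nums = [int(n) for n in re.findall(r"\d+", raw)]
    if not nums:
        raise ValueError(f"no version digits in {raw!r}")
    if product == "java" and nums[0] == 1 and len(nums) > 1:
        nums = nums[1:]  # drop the legacy "1." prefix used by Java 6 and 7
    return tuple(nums + [0] * (3 - len(nums)))[:3]

def exposure(product, raw_version):
    """Return [(cve, status)] where status is 'exposed', 'patched' or 'review'."""
    product = product.lower()
    ver = parse_version(product, raw_version)
    findings = []
    for cve, (prod, fixed) in FIXED.items():
        if prod != product:
            continue
        if ver[0] in fixed:
            status = "exposed" if ver < fixed[ver[0]] else "patched"
        elif ver[0] < min(fixed):
            status = "review"   # older branch not covered by the table above
        else:
            status = "patched"  # assumption: later branches shipped after the fix
        findings.append((cve, status))
    return findings

def exposed_hosts(inventory):
    """Map host -> findings that are not 'patched'."""
    hits = {}
    for host, product, version in inventory:
        for cve, status in exposure(product, version):
            if status != "patched":
                hits.setdefault(host, []).append((cve, status))
    return hits

# Constructed sample inventory (host, product, version string as reported).
INVENTORY = [("ws-01", "Java", "1.6.0_30"), ("ws-01", "Adobe Reader", "9.3.1"),
             ("ws-02", "Java", "1.7.0_03"), ("ws-03", "Adobe Reader", "8.1.7")]

if __name__ == "__main__":
    for host, findings in exposed_hosts(INVENTORY).items():
        print(host, findings)
```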

