Threat Database Malware Sibhost Exploit Kit

Sibhost Exploit Kit

By Domesticus in Malware

The Sibhost Exploit Kit is a dangerous exploit kit that is part of a family of these types of hacking tools that has emerged since late 2012. The Sibhost Exploit Kit uses techniques that are similar to those used by numerous other exploit kits. However, there are certain details involving the Sibhost Exploit Kit that make it unique. In general, the Sibhost Exploit Kit carried out an attack that has been seen before for several years in other exploit kits. The Sibhost Exploit Kit is hosted on an attack website, and different techniques are used to force computer users to visit that malicious website. These include social engineering, other malware, and, in this case, malicious Java scripts that redirect the victim's Web browser when visiting a compromised website. It is important to note that the Sibhost Exploit Kit is very dangerous and that being exposed to the Sibhost Exploit Kit can severely compromise your privacy and your computer's security.

How the Sibhost Exploit Kit Attacks Your Computer

To initiate the attack, victims are directed to the Sibhost Exploit Kit website through redirects involving malicious iFrames and Java scripts. The malicious website containing the Sibhost Exploit Kit and other malicious files is hosted on a remote server controlled by criminals. The Sibhost Exploit Kit loads its malicious files such as the JavaScript library and its malicious JAR file from the exploit site and the Sibhost Exploit Kit has numerous similarities with other exploit kits, including the notorious Glazunov In fact, the Sibhost Exploit Kit uses the same exploit to bypass security as Glazunov as well as many of the same exploits to take advantage of vulnerabilities in the victim's computer. Basically, the Sibhost Exploit Kit is designed to detect what applications are used on the victim's computer. Then, the Sibhost Exploit Kit attempts to exploit known vulnerabilities in these programs. Sibhost Exploit Kit especially targets vulnerabilities in Java and Adobe products, such as Reader and Flash Player.

Avoiding the Sibhost Exploit Kit Attacks

There are several steps you can take to prevent attacks involving the Sibhost Exploit Kit:

  1. Since the Sibhost Exploit Kit relies on JavaScript redirects to force computer users to visit the attack website, turning off Java unless strictly necessary is a good way to avoid these redirects.
  2. To prevent the Sibhost Exploit Kit from exploiting vulnerabilities in your computer, keep all of your software updated and download the latest security patches regularly.
  3. Always use a reliable anti-malware scanner when browsing the Web in order to intercept these kinds of attacks.

File System Details

Sibhost Exploit Kit may create the following file(s):
# File Name Detections
2. deployJava.js


Most Viewed