• Sign In
    • Customer
    • Partner
    • Employee
    • Research
  • Create Account
  • EN
  • magnifying glass search icon to open search field
  • Get Started
  • Contact Us
  • Resources
  • Get support
  • Under Attack?
Palo Alto Networks logo
  • Products
  • Solutions
  • Services
  • Partners
  • Company
  • More
  • Sign In
    Sign In
    • Customer
    • Partner
    • Employee
    • Research
  • Create Account
  • EN
    Language
  • Get Started
  • Contact Us
  • Resources
  • Get support
  • Under Attack?
  • Unit 42 Threat Intelligence

Research Reports

Exploit Kits Research

Oct 18, 2016
asset thumbnail

Exploit kits, which first became popular in 2006, are used to automate the exploitation of vulnerabilities on victims’ machines, most commonly while users are browsing the web. Over the past decade they have become an extremely popular means for criminal groups to distribute mass malware or remote access tools (RAT), because they lower the barrier to entry for attackers and can enable opportunistic attacks at scale. To understand this phenomenon, we must understand the ecosystem that surrounds exploit kits, including the actors, campaigns and terminology involved.

For exploit kit creators, there is a massive opportunity to generate profit. Creators can offer exploit kits for rental on underground criminal markets, where the price for leading kits can reach thousands of dollars per month.

Exploit kit campaigns generate a series of events starting with a compromised website that ultimately directs web traffic to an exploit kit. Within the exploit kit, a specific sequence of events occurs for a successful infection. The sequence starts with a landing page, follows with an exploit, and ends in a payload. Ransomware is their most common payload, but exploit kits also distribute other types of malware, like information stealers and banking Trojans.

While exploit kits are highly effective, there are measures you can take to prevent successful breaches. In the later sections of this report we will describe how to reduce the attack surface, block known malware and exploits, and quickly identify and stop new threats to ensure organizations are protected.

Download
Share page on facebook Share page on linkedin Share page by an email
Related Resources

Access a wealth of educational materials, such as datasheets, whitepapers, critical threat reports, customer stories, informative cybersecurity topics, and top research analyst reports

See all resources

Get the latest news, invites to events, and threat alerts

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.

black youtube icon black twitter icon black facebook icon black linkedin icon
  • USA (ENGLISH)
  • AUSTRALIA (ENGLISH)
  • BRAZIL (PORTUGUÉS)
  • CANADA (ENGLISH)
  • CHINA (简体中文)
  • FRANCE (FRANÇAIS)
  • GERMANY (DEUTSCH)
  • INDIA (ENGLISH)
  • ITALY (ITALIANO)
  • JAPAN (日本語)
  • KOREA (한국어)
  • LATIN AMERICA (ESPAÑOL)
  • MEXICO (ESPAÑOL)
  • SINGAPORE (ENGLISH)
  • SPAIN (ESPAÑOL)
  • TAIWAN (繁體中文)
  • UK (ENGLISH)

Popular Resources

  • Blog
  • Communities
  • Content Library
  • Cyberpedia
  • Event Center
  • Investors
  • Products A-Z
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Trust Center
  • Terms of Use
  • Documents

Popular Links

  • About Us
  • Customers
  • Careers
  • Contact Us
  • Manage Email Preferences
  • Newsroom
  • Product Certifications
Report a Vulnerability
Create an account or login

Copyright © 2023 Palo Alto Networks. All rights reserved