
The Clickless Threat: Exploit Kits

December 9, 2016

You may have heard about exploit kits. The term has been floating around in the news lately, and you might be wondering what they are and whether they pose a threat to your business. So we wanted to take the time to explore this unique form of attack and show you how you can keep your data, and that of your customers, safe from harm.

What is an Exploit Kit?

An exploit kit is a malicious toolkit whose job is to find security holes in your browser and then take advantage of them to install malware on your device. This allows attackers to pursue their goals of stealing information, money, or both from you. These kits target vulnerable software applications, often those that have not been updated with the latest security patches.

The tricky thing about exploit kits is that, unlike phishing, for example, users don’t have to do anything “wrong.” They don’t need to click a bad link or download a nasty file by accident. Exploit kits are self-contained and designed to deliver malware of the attacker’s choosing, regardless of user behavior.

So it may come as no surprise that exploit kits are responsible for the vast majority of malware infections today. In fact, they are the most common type of infection that we catch with Strongarm and, most of the time, the exploit kit (EK) is delivering ransomware. Below, we’ll walk you through a step-by-step explanation of how exploit kits function, and then show you how you can protect yourself against them.

How Exploit Kits Unfold

There is a six-step process that exploit kits follow in order to get malware onto your computer(s):

  1. First, someone must visit a website whose server has been compromised by hackers.
  2. Then the person (the “victim”) will have their web traffic rerouted through some go-between servers.
  3. Eventually, the victim will alight on a rogue server that is hosting the exploit kit.
  4. From here, the exploit kit will try to gather information on the victim and determine the most effective attack.
  5. Next, the exploit will be delivered.
  6. Finally, if the exploit is successful, malware will be downloaded to the victim’s computer and executed.

Now of course, number six is a big IF.

If you’re protecting your systems in the right way, then exploit kits should not be successful, and malware should not end up on your computers, regardless of whether your users visit sites with active exploit kits.
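The six-step chain above leaves a recognizable trail in web proxy logs: a rapid series of cross-host hops that ends in a binary download. The Python below is an added example showing how a defender could flag that pattern; it is not Strongarm's code, and the log format, host names, content types, and thresholds are constructed assumptions.

```python
from urllib.parse import urlparse

# Constructed sample proxy log: (epoch_seconds, client, url, referer, content_type).
# All hosts are made-up .example names, not real indicators.
SAMPLE_LOG = [
    (100, "10.0.0.5", "http://news.example/article", "", "text/html"),
    (101, "10.0.0.5", "http://ads-hop1.example/r?id=7", "http://news.example/article", "text/html"),
    (102, "10.0.0.5", "http://hop2.example/go", "http://ads-hop1.example/r?id=7", "text/html"),
    (103, "10.0.0.5", "http://landing.example/index.php", "http://hop2.example/go", "text/html"),
    (107, "10.0.0.5", "http://landing.example/p", "http://landing.example/index.php", "application/octet-stream"),
    (200, "10.0.0.9", "http://vendor.example/downloads", "", "text/html"),
    (260, "10.0.0.9", "http://vendor.example/setup.exe", "http://vendor.example/downloads", "application/octet-stream"),
]

PAYLOAD_TYPES = {"application/octet-stream", "application/x-msdownload"}
MAX_GAP = 10   # seconds between hops; assumption: automatic redirects are fast
MIN_HOSTS = 3  # compromised site + at least one go-between + kit host

def host(url):
    return urlparse(url).hostname or ""

def referer_chain(records, idx):
    """Walk Referer links backwards from records[idx]; return hosts, oldest first."""
    ts, client, url, referer, _ = records[idx]
    chain = [host(url)]
    while referer:
        j = next((k for k in range(idx - 1, -1, -1)
                  if records[k][1] == client and records[k][2] == referer
                  and ts - records[k][0] <= MAX_GAP), None)
        if j is None:
            break
        idx = j
        ts, _, url, referer, _ = records[idx]
        if host(url) != chain[0]:
            chain.insert(0, host(url))
    return chain

def flag_exploit_kit_chains(records):
    """Return (client, host_chain) for binary downloads reached via a fast multi-host chain."""
    records = sorted(records)
    alerts = []
    for i, rec in enumerate(records):
        if rec[4] in PAYLOAD_TYPES:
            chain = referer_chain(records, i)
            if len(chain) >= MIN_HOSTS:
                alerts.append((rec[1], chain))
    return alerts
```

On the sample data, the first client is flagged with its full four-host chain, while the second client's download, fetched a minute after browsing a single site, is not.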

So how exactly do you protect your business from exploit kits?

How to Defeat Exploit Kits

Basic hygiene is the first step in stopping the success of exploit kits. Ensure your browser (and all of its plugins!) has the ability to auto-update itself when new weaknesses are found. Google Chrome has a unique architecture and a dedication to security that keeps most of the Strongarm team safe.

There are a few options on the market when it comes to protecting against exploit kits. Some people use web proxies. These can do some of the work of protection, but they don’t provide phishing protection and they don’t protect against command and control (C2) activities, which are often part of malware attacks. You can certainly purchase these point solutions, but we recommend that you select a more complete anti-malware solution.

Strongarm is specially designed to protect against exploit kits because it covers all vectors—from ransomware to phishing to exploit kits—without the need to maintain proxies, install agents, or invest in costly software. One solution protects you from all malware.

Best of all, once Strongarm stops an exploit kit from downloading, there’s nothing else that the IT manager will need to do. We’ll let you know when an attempt takes place, but you can simply rest assured that no exploit kits will get around our blackhole.

Exploit kits are on the rise, so we’d like for you to give Strongarm a try for free.
