Online attacks are increasingly being carried out by multi-function exploit kits, according to research by Web security firm zSclare.
In a blog post, ZScaler’s Pradeep Kulkarni claims to have observed an increase in the prevalence and usage of exploit kits in recent months, a development he attributes to hackers’ preference for the kind of multi-leveled attacks that the kits provide.
In a post on zScaler’s research blog, Kulkarni says that an exploit kit dubbed “Incognito” is gaining traction in the cyber underground. Incognito targets vulnerabilities in Java and Adobe products. His analysis of obfuscation techniques and URL patterns associated with Incognito illustrate that the kit is carrying out multiple attack vectors, which increase the chances of a successful compromise.
The growing use of Incognito and similar tools such as the Blackhole exploit kit and Eleonore exploit kit are indicative of a trend toward using automated tools to deliver exploits. In this way, he says, attackers are given the opportunity to launch frequent and effective campaigns with little technical knowledge.
You can find more in-depth analysis in Zscaler’s report.