Researchers who study exploit kits are reporting that two major kits, Angler and Nuclear, may no longer be available.
An attacker working off domains belonging to Chinese registrar BizCN has been moving the Cryptowall 4.0 ransomware via the Nuclear Exploit Kit.
A SANS ISC report indicates a prominent cybercrime group has begun using the Neutrino Exploit Kit, but that hardly spells the end of the road for the notorious Angler EK.
The SANS Internet Storm Center reports that the Angler Exploit Kit, pushing Cryptowall 3.0 ransomware, uses rapidly changing URL patterns—almost daily changes—to evade detection and rake in profits.
SANS Institute reports that Cryptowall 3.0 ransomware infections emanating from the Angler Exploit Kit are on the rise, and coincide with a spike from malicious spam campaigns.