EK stats in Q1 2018

The times when exploit kits (EKs) were known to be the breeding ground of new zero-days is long gone, and most EKs nowadays live off older vulnerabilities, meaning that keeping your browser, OS, and Flash Player up-to-date is enough to safeguard you from today’s top web-based threats.

Exploit kits are web apps developed by malware authors. Crooks lure users on malicious URLs hosting an exploit kit, which uses a known vulnerability to infect the user with malware.

Exploit kits have been around on the criminal underground for more than a decade and were once pretty advanced, often being a place where researchers found zero-days on a regular basis.

But as browsers got more secure in recent years, exploit kits started to die out in 2016-2017. Most operators were arrested, moved to other things, and nobody developed new exploits to add to the arsenal of EK left on the market, which slowly began falling behind when it came to their effectiveness to infect new victims.

EKs used only eight exploits in Q1 2018

A Palo Alto Networks report published yesterday details statistics about the vulnerabilities used by current exploit kits in the first three months of the year (Q1 2018).

According to the gathered data, researchers found 1,583 malicious URLs across 496 different domains, leading to landing pages (URLs) where an EK attempted to run exploits only for only a meager eight vulnerabilities.

All eight were old and known bugs, with the newest dating back to 2016. Seven of the eight vulnerabilities targeted Internet Explorer, meaning that using a more modern browser like Chrome and Firefox is a simple, yet…