Angler Exploit Kit Continues to Evade Detection: Over 90,000 Websites Compromised

Exploit Kits (EK), arguably the most impactful malicious infrastructure on the Internet, constantly evolve to evade detection by security technology. Tremendous effort has been spent on tracking new variations of different EK families. In this report, we look at an EK from an operational point of view. Specifically, we have been tracking the activity of

Dormant Malicious Code Discovered on Thousands of Websites

Note: This post was updated on November 18, 2015 to reflect new information about the initial discovery of the injected code. On November 3, 2015, ZScaler reported that a Chinese government website hosting the Chuxiong Archives, www.cxda[.]gov.cn, had been compromised and contained injected code leading to the Angler Exploit Kit. The compromise was apparently remediated

Get updates on Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit 42

Follow us on