An article published in 2011 on popular news website The Guardian was found to be redirecting visitors to a landing page containing the notorious Angler Exploit Kit. Read the rest of the story from what follows.
When it comes to hackers, no website is safe; not even the popular and trusted ones; a classic case in point is a 4-year-old article that was published on The Guardian. It was found that the article was harboring a malicious link that was automatically redirecting visitors to a landing page hosting the Angler Exploit Kit. Now, here are two important things to note – first, the irony of the whole situation. The article used for the attack is entitled “Cybercrime: is it out of control?” So, that’s there. Secondly, what is this Angler Exploit Kit. Here’s a quick brief about it.
To begin, Exploit Kits are software/packages that contain pre-written codes (exploits) that take advantage of software flaws present in the Operating System of or the programs in the targeted machine, in order to drop a ‘suitable’ malware infection. These exploits are targeted toward users running outdated or insecure software applications on their machines.
About the Angler Exploit Kit, it first appeared in 2013. And since then, cyber criminals have been increasingly using it to target their victims; hiding it in several web pages. Like other exploit kits, once executed, the Angler Kit starts scanning browsers with outdated versions of Java, Flash Player, Adobe Reader, Microsoft Silverlight, etc., and then deploys the exploits accordingly.
What is most worrying about the Angler Kit is, it has been found to be ‘Ransomware’ focused. In other words, the Kit is being increasingly used by hackers to infect their victims with Ransomware – a malware that either locks your computer or encrypts all your data, and demands a ransom to unlock it. Read more about Ransomware here.
Now, what we do want to take away from this incident? Two learnings:
- Using outdated software in your device is like sitting on top of a time bomb – it can go off at any moment. As evident from what we have discussed earlier, exploit kits are like a box full of exploits that can target more than one type of program in the user’s machine. So, what is the solution here? Simple, keep your OS up-to-date with all the recommended security patches, and programs updated whenever notified.
- No website, however well-known or trusted, is immune to cyberattacks. And unless we are IT security professionals, it is impossible for us to detect any malicious activity in any website that we visit. What is the solution here? Have an antivirus software that can automatically block access to sites with malicious links. In this particular scenario of The Guardian, an antivirus software might not block access to the website itself. But, it will ensure that the automatic redirection does not occur – which, in fact, is the main danger.