Also this year are Adobe Flash Player and Microsoft Internet Explorer the favorite target of cybercriminals, according to security company Recorded Future based on analysis of several exploit kits.
Of the 10 most attacked vulnerabilities by exploit kits, 6 were in Flash Player. The other attacked security issues are in Internet Explorer, Microsoft Silverlight and Windows. The most popular vulnerability amongst cybercriminals is a leak in Internet Explorer which Microsoft patched on the 10th of May this year. A leak that Adobe patched last year was found in the majority of the exploit kits.
This year marks the disappearance of the popular Angler exploit kit, which cybercriminals very frequently used to infect internet users with malware. The exploit kit disappeared after its developers were arrested by Russian authorities. The hole left by Angler was filled by exploit kits such as Sundown, Magnitude, RIG and Neutrino. These can be used for amounts of $700 (RIG) to $4000 (Neutrino) per month.
To prevent attacks it’s, according to the researchers, important that software is timely patched and that Flash Player, Internet Explorer and Silverlight are removed when they are not used. In case Flash Player is required, it’s advised to enable ‘click to play’, so Flash content isn’t automatically played.
Another advise is to use Google Chrome and use an adblocker as exploit kits often do their job through malicious advertisements.