Neutrino and its predecessor Neutrino-v are popular exploit kits that surged in mid-2016. They are known for using compromised sites and malvertising to infect users with various malware.
RIG is spread via suspicious advertisements that have been inserted into legitimate websites. The VIP version of the exploit kit, RIG-v, appeared in 2016 and uses new URL patterns.
The exploit kit, also referred to RIG-E, surfaced in September 2016 and takes advantage of flaws in Microsoft and Adobe software.
Also referred to as the "Beta Exploit Pack," Sundown is known to distribute remote access Trojans (RATs) via phishing emails to direct users to malicious links. Sundown was updated in late 2016 and discovered to be using steganography to hide exploit code.
The exploit kit was first spotted in October of 2016 and is a predecessor to the Sundown exploit kit.
Also known as Popads, Magnitude is used in malvertising attacks to infect victims who visit compromised websites.
The exploit kit was discovered in late 2016 and its codebase is from the Sundown exploit kit. The main focus of the exploit kit is to turn infected systems into miners for the Monero cryptocurrency.
Nebula, a re-brand of the Sundown exploit kit, is available for rent for $2,000.00 a month on an underground forum and offers support to both Russian and English speaking customers.
The exploit kit is reported to have originated from China and focuses on users who visit compromised Korean websites.
The exploit kit was first spotted in 2012 and infected users with drive-by-downloads primarily on Chinese and Korean websites.