Your one-stop web resource providing safety and security information to manufacturers

The Magnitude Exploit Kit (EK) is responsible for a large portion of the exploit kit market share and once infected high-profile websites such as Yahoo Ad Network and

After getting under the hood and examining its administration panel, researchers at Trustwave found a well-oiled machine ready to change at a moment’s notice to avoid security companies’ attempts to stop the exploit kit.

Exploit Kit Delivers Double Payload
Attack on Tor to Deanonymize Users
Malware Down, but Infrastructure Remains
New Exploit Kit Delivering Ransomware

The control page of the package offered its operators complete information on the infection rates, domain blacklisting, antivirus detection rates for the exploits, self-imposed geo-IP restrictions preventing malware spread, and details about the victims’ machine (operating system and web browser used) and country, according to a published report.

Moreover, Trustwave found Magnitude’s administration panel also provides the latest news about the EK. For instance, the operators posted they made the decision to reset statistics twice a week, for security reasons.

Cyber Security

At one point, they let other users know the malware delivery mechanism improved and the infection rate should see an increase.

Magnitude EK relied on three exploits, one for Internet Explorer 6 through 10, responsible for most infections (85 percent), and the other two for Java.

Trustwave researchers found the EK delivered no less than seven malware pieces to the victim, allowing its customers to use their own malicious files.

For a better understanding of the efficiency of this exploit kit, out of 1.1 million attempts of infection, 210,000 machines fell victim. This amounts to a 20 percent success rate in one month.

The operators behind Magnitude did not discriminate and targeted absolutely any machine they could infect. Trustwave said “a few hundred of the machines that Magnitude attempted to infect were from government agencies from the U.S., Canada, UK and several other countries. Also recorded computers from several universities in Australia, Hong Kong, the U.S. and others.”

At the top of the list of countries most affected by Magnitude EK are United States, France, Iran, and the UK.

Pin It on Pinterest

Share This