Security company Proofpoint has disclosed two new Microsoft exploits that have been coded into Purple Fox, which is an exploit kit that has evolved drastically over the past year. The new updates show that cybercriminals are investing in infection tools and putting time and energy into increasing their capabilities to help spread their malware onto targets’ systems. However, Proofpoint also stated that exploit kits are declining as an attack technique.
Exploit kits are tools that deliver malware onto devices automatically via a website and is an automated threat that typically utilized compromised websites to scan for vulnerable browsers. Purple Fox was initially a fileless downloader Trojan malware that was delivered via an exploit kit called Rig. In 2018, it had infected at least 30,000 users. Trend Micro noted that it was downloading and executing crypto-mining malware. However, last year it switched from the Nullsoft Scriptable Install System to Windows PowerShell.
Read More: Purple Fox Exploit Kit Adds Two Microsoft Vulnerabilities