A criminal posing as a legitimate website publisher on the AdsTerra online advertising network is using maliciously gathered traffic to deliver victims to exploit kits.
The main purpose of Grobios malware is to help attacker establish a strong, persistent foothold in a victim’s system, in order to drop additional payloads later.
GoDaddy, along with researchers from RSA Security and other companies, shut down tens of thousands of illegal established subdomains tied to the RIG Exploit Kit.
An Adobe Flash Player vulnerability used by the Sofacy APT gang was also found in seven of the top exploit kits, according to an analysis by Recorded Future.