KaiXin Exploit Kit

KaiXin has been delivered via banner ads and JavaScript injection on compromised websites.

KaiXin exploit kit was first identified in August 2012 by Kahu Security

KaiXin masquerades as a statistics tracking script and uses URL encoding to trivially obfuscate the injected script.

The initial KaiXin landing page, which has no obfuscation, contains logic for handling different browsers. These landing pages are used to install malware onto a user’s device.

Affected Platforms

All Internet Web Browsers


Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: