Researchers Discover “Fallout” Exploit Kit
This was discovered by security researcher nao_sec at the end of August 2018, this kit is installed on hacked sites and will attempt to exploit vulnerabilities on a visitor’s computer.
Fallout has been targeting users with the SmokeLoader Trojan, but has been also observed delivering the GandCrab ransomware in the Middle East. Before dropping the payload, however, the fingerprints the browser profile to identify targets of interest.
The exploited vulnerabilities are for Adobe Flash Player (CVE-2018-4878) and the Windows VBScript engine (CVE-2018-8174).
To protect yourself from the Fallout exploit kit, it is important that all users make sure they have installed the latest Windows security updates and that they do not have any outdated programs, such as Flash Player, installed on their computer.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.