Even after a precipitous drop in activity last quarter, security researchers say that the RIG Exploit Kit (RIG EK) still leads the pack when it comes to overall malicious campaigns. And some of them have found that the crooks are expanding their moneymaking horizons by using RIG to take advantage of the cryptocurrency craze bubbling the market for Bitcoin and other currencies. The exploit kit is being used by the bad guys in a new malicious campaign to distribute coin miners through drive-by downloads that they say likely signals another wide-scale evolution in the cybercriminal enterprise.
According to Jérôme Segura, lead malware intelligence analyst for Malwarebytes Labs , the bad guys are leveraging RIG in a new campaign called Ngay that distributes droppers containing one or more coin miner malware for cryptocurrencies like Monero and Electroneum. While some might write off these kinds of exploit kit payloads as less risky than a banking Trojan, Segura says their long-term impact is still serious.
Read more about the RIG Exploit Kit and how it is being used for drive-by cryptomining, which security researchers believe will be a trend to follow in 2018, on DarkReading.