Security experts at Malwarebytes have recently discovered a new exploit kit, dubbed Lord Exploit Kit, that is targeting vulnerable versions of Adobe Flash Player
“The first tweet from @adrian__luca about Lord EK came out in the morning of August 1st and shows interesting elements. It is part of a
“We can see a very rudimentary landing page in clear text with a comment at the top left by its author that says: <
The landing page used in the campaign involving the new EK was designed to check for the presence of Flash Player to trigger the CVE-2018-15982 flaw and gather system information.
The peculiarity of the Lord Exploit Kit is represented by the URLs it uses, they are very unusual and result from the adoption of the
“This is rather
Once exploited the CVE-2018-15982 vulnerability, the Lord Exploit Kit launches
Malwarebytes researchers also discovered that once exploited the flaw, the Lord exploit kit redirects the victim to the Google home page. This behavior was previously observed with the Spelevo exploit kit.
The Lord EK appears to be under active development, but it is difficult to predict how long it would be used by threat actors.
Malwarebytes also published Indicators of Compromise (IoCs) for the threat.
(SecurityAffairs – Lord Exploit Kit, hacking)