We have not seen very many large scale malvertising attacks following the mysterious disappearance of the powerful Angler EK. The ones we do see tend to be related to low quality traffic and usually push the less sophisticated RIG or Magnitude exploit kits.
The last high profile malvertising activity we had caught was on June 7th with a drive-by download incident on Yahoo that leveraged Neutrino EK instead of Angler EK to exploit and compromise unwitting visitors. This was rather unusual and was later confirmed as not just an anomaly, but a transition to Neutrino, precisely around that same time frame.
Leave a reply