Home > Threat descriptions >

Exploit kit

Classification

Category: Malware

Type: Exploit

Aliases: Exploit kit

Summary


An exploit kit is a toolkit that can probe for and run exploit code against vulnerabilities in an accessible device in order to gain further access or to drop additional malware onto the compromised device.

Removal


Automatic action

Once detected, the F-Secure security product will automatically handle a harmful program or file by either deleting or renaming it.

Exploit Prevention

The vulnerabilities leveraged by exploits are usually application or platform specific; in other words, a specific program (or even a specific version of a particular program) must be installed on the machine in order for the exploit to be effective.

To prevent exploitation of such vulnerabilities, please refer to the application vendor for the latest updates and additional advice.

Knowledge Base

Find the latest advice in our Community Knowledge Base.

About the product

See the manual for your F-Secure product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details


Exploit kits are often planted by attackers on malicious or compromised legitimate websites, where they can silently probe the devices of visitors to that site. If the exploit kit is able to successfully use one of its exploits against a visitor's vulnerable machine, it can then proceed with its actual malicious payload, which may range from installing components on the affected system, stealing data and so on.

Exploit kits are a form of 'crimeware' - a specialized utility program created and sold to facilitate illegal computer-related activity. Most modern exploit kits are created to be easily updated with the latest exploits for newly discovered vulnerabilities, making it easy for the kit operators to keep them effective for use.

Examples of exploit kits include AnglerEK, Fiesta, Styx, SweetOrange, Archie and Astrum. For more information on these kits:

For more about exploit kits, see Article: Exploit Kits