Introducing Lord EK & Why Exploit Kits are Bad News


September 17, 2019
Security7-Blog Image

There’s a new kid on the block. Its name is Lord EK and it could potentially (along with all the other Exploit Kits out there) cause people grief if left unchecked.

First things first: what’s an “Exploit Kit?”

An exploit kit is automated threats that utilize compromised websites to divert traffic, scan for vulnerable browser-based applications, and run malware.

They’re developed to exploit vulnerabilities on a victims’ end-point automatically and silently while they browse the internet. Because of how highly automated they are, exploit kits have become incredibly popular.

Exploit kits initiate after the victim visits a compromised landing page. The page then diverts web traffic to another landing page. Code in the landing page profiles the victim’s device and looks for vulnerable browser-based applications.

Typically if the victims’ system is up to date and fully patched the exploit will cease to run. If not, the compromised site diverts network traffic to the exploit and then delivers a payload.

The payload can be used to retrieve malware or can be malware (like ransomware) itself.

Beyond Lord EK, some other popular exploit kits currently in the wild are:

  • Spelevo EK
  • Fallout EK
  • Magnitude EK
  • RIG EK
  • GrandSoft EK
  • Underminer EK
  • GreenFlash EK

How do you stop them?

The most commonly used exploits leveraged by Exploit Kits are:

The solution?

Patch, patch, patch your end-points. Make sure your end-points are as up to date as possible. Right now all three of those exploits have been patched. 4878 was patched in February of 2018, 8174 was patched in August of 2018 and 15982 was patched in December of 2018.

Also, beyond patching it’s probably a good idea to limit what kind of browser-based applications you might have on your machine. At this point, there is absolutely no reason to have ANY version of Flash Player running on your endpoint.

The web and the world at large had moved completely past Adobe Flash and running the software at this point only provides a benefit to would-be attackers.

Most of the popular web-browsers, including Safari, Firefox, and Chrome no longer support the software (we’re looking at you Internet Explorer and Edge) and Adobe itself plans to completely ditch support for it all together in 2020.

If you’re running Adobe Flash we recommend you remove it entirely.

Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.

Don’t forget to follow us on LinkedIn and Twitter


Carl Keyser is the Content Manager at Integris.

Keep reading

Bridging the Gap between Automation and Innovation

Bridging the Gap between Automation and Innovation

Automation and Innovation. Some people might say those two words cancel each other out. Yet, I believe these two concepts can create capacity for each other—if your business leverages the free time automation creates to foster innovation. Automation can be...

Why Is My Laptop Draining So Fast?

Why Is My Laptop Draining So Fast?

Before You Replace Your Laptop Battery, Try These Fixes First Stuck with a laptop that’s running out way before it’s standard 8-10 hours of run time? Don't throw it out just yet.  Try these quick fixes to extend its life: Reduce your screen brightness If possible,...