Dark Web Spotlight: Half of Exploit Kits Target Microsoft

Microsoft isn’t only the world’s most popular OS, but also the most exploited.  New Dark Web research shows that four Microsoft products represent half of all exploit kits available on the market. Exploit kits are automated threats used to divert traffic, scan for vulnerable browser applications and run malware. Exploit kits remain one of the most popular mass malware campaigns or remote access tools (RAT).  The four Microsoft products included Office, Windows, Remote Desktop Protocol, and SharePoint.  23% of all vulnerabilities sold on the dark web targeted Microsoft Office. This is a favorite of hackers since exploits work in nearly every version of Word and Excel. Often malicious files are sent out to infect systems with password stealers, crypto miners, or ransomware.  Windows exploits came in second, accounting for 12% of vulnerabilities. These exploits seek to gain administrative rights for networks or single machines.  Remote Desktop Protocol (RDP) accounted for 10% of vulnerabilities. RDP vulnerabilities can travel from one computer to another once there is a single infection. This is why RDPs are in the top three common vectors for ransomware.  Finally, Microsoft Sharepoint accounts for 3% of vulnerabilities. The goal for exploited Sharepoint sites is to create watering-hole traps that spread malware both widely and quickly. CybelAngel Asset Discovery and Monitoring provides round-the-clock visibility into exposed assets such as Sharepoint servers and RDPs. By locating these exposed assets, common vectors for cyberattacks can be secured, protecting your company.