RIG Exploit Kit says “I Do”

Cyphort Labs discovered a new attack campaign that links to malicious exploits from hijacked DNS servers of personal wedding websites. Personal wedding websites are used to aid in planning and communicating important details for a couple’s upcoming wedding. In this attack, it appears DNS on these wedding sites were exploited. Attackers created new two letter DNS entries and pointed them to Russian IP addresses hosting the RIG exploit kit.

Leave a Reply