What is Fallout Exploit Kit?

Fallout Exploit Kit is a type of security threat that you cannot simply remove from your computer, because it is not there in the first place. We can only inform you about this exploit kit and hope that you do not encounter it when you browse the web.

In this entry, we will tell you more about the things Fallout Exploit Kit can do, but please bear in mind that if you want to scan the websites you are about to access in order to avoid this exploit kit, you might want to consult IT security professionals, because this is not something a regular individual user can cope with.

Where does Fallout Exploit Kit come from?

First, this exploit kit is used on the server side, so you will not find it on individual user computers. It is hard to say who came up with this exploit kit, but we do know that it was mostly used in Japan and South Korea, as well as the Middle East and Southern Europe. This means that whoever uses this exploit kit to infect target systems does not recognize national borders. And just because Fallout Exploit Kit doesn’t seem to have been active stateside, there is always a chance that a different version of this threat could be employed in other regions of the world.

What does Fallout Exploit Kit do?

This exploit kit can be used to distribute various malware infections. We do know that it was used to push one GandCrab Ransomware version. GandCrab Ransomware is a prominent ransomware infection that has been reinventing itself for over a year now. It may not target regular computer users, but it is usually quite good at aiming at specific organizations, and disrupting their computer systems. Thus, Fallout Exploit Kit could be used by other ransomware infections to spread the malicious code around, infecting particular targets.

We also know that Fallout Exploit Kit was used to spread the SmokeLoader Trojan. Trojans usually enter target systems surreptitiously, and so this infection can also be used to spread multiple dangerous infections that can later on spy on the user, collecting and stealing personal data.

Technically, victims encounter Fallout Exploit Kit on certain websites. It is hard to tell which website can be compromised, but the point is that this exploit kit would usually make use of two vulnerabilities that used to be found on landing pages. Please take note that the vulnerabilities have been taken care of by now, yet it doesn’t mean that this or other exploit kits cannot make use of other vulnerabilities.

A remote code execution vulnerability in Windows VBScript was patched in May 2018. If servers didn’t apply the patch, Fallout Exploit Kit could have exploited this vulnerability for quite a while. It is also known that Fallout Exploit Kit made use of a use-after-free vulnerability in Adobe Flash. Again, this vulnerability was patched back in February 2018. So if all software updates are installed regularly, websites shouldn’t be affected by Fallout Exploit Kit or any other exploit kit that makes use of these bugs.

Now, let’s say those vulnerabilities are still present. How would Fallout Exploit Kit work on them? Well, this exploit kit would first try to exploit the VBScript vulnerability. It is programmed to generate shellcode that retrieves an encrypted payload. Then it decrypts the payload and executes it. It wouldn’t be surprising if Fallout Exploit Kit also installed a Trojan to check whether the system has certain security characteristics.

If VBScript is disabled, Fallout Exploit Kit should automatically move on to the second vulnerability it can exploit. The bottom line is that this exploit kit might be old, but exploit kits tend to reinvent themselves and come back. No one really knows who might make use of Fallout Exploit Kit next time.

Although we cannot offer a removal guide because Fallout Exploit Kit doesn’t affect target computers directly, you can get a list of all the infections that might be related to Fallout Exploit Kit and then scan your computer looking for them. If you find them, remove them immediately.

If you are managing a computer network, you should definitely keep your system up-to-date. Monitoring for unusual traffic is also a good idea. Finally, you should avoid accessing unfamiliar and potentially harmful websites.
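For network administrators, the traffic monitoring mentioned above can be tied to the chain described earlier (landing page, optional Flash fallback, then a payload download). The following is an added example, not code from the original article: the log format, host names, the 30-second window and the payload content type are assumptions, and the log lines are constructed sample data.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample proxy log (not real traffic):
# time, client, host, path, content type, bytes
SAMPLE_LOG = """\
2018-09-01T10:00:01,10.0.0.5,news.example,/index.html,text/html,48211
2018-09-01T10:00:02,10.0.0.5,gate.example,/landing,text/html,9120
2018-09-01T10:00:03,10.0.0.5,gate.example,/obj,application/x-shockwave-flash,30544
2018-09-01T10:00:05,10.0.0.5,gate.example,/data,application/octet-stream,212992
2018-09-01T10:05:00,10.0.0.7,cdn.example,/video.swf,application/x-shockwave-flash,80211
2018-09-01T10:30:00,10.0.0.7,updates.example,/pkg.bin,application/octet-stream,500000
2018-09-01T11:00:00,10.0.0.9,gate.example,/landing,text/html,9120
2018-09-01T11:00:04,10.0.0.9,gate.example,/data,application/octet-stream,212992
"""

# Assumption: the opaque payload is served as application/octet-stream.
STAGES = {
    "text/html": "landing",
    "application/x-shockwave-flash": "flash",
    "application/octet-stream": "payload",
}

def find_chains(log_text, window=timedelta(seconds=30)):
    """Flag binary downloads that follow a page from the same host within `window`.

    Expects rows in time order. `via_flash` marks chains that also pulled a
    Flash object, i.e. the fallback path rather than the script-only path.
    """
    recent = defaultdict(list)  # (client, host) -> [(time, stage), ...]
    alerts = []
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 6 or row[4] not in STAGES:
            continue  # malformed row or content type we do not track
        ts, client, host, path, ctype, _size = row
        when, key = datetime.fromisoformat(ts), (client, host)
        # Forget events that have aged out of the correlation window.
        recent[key] = [(t, s) for t, s in recent[key] if when - t <= window]
        if STAGES[ctype] != "payload":
            recent[key].append((when, STAGES[ctype]))
            continue
        seen = {s for _, s in recent[key]}
        if "landing" in seen:
            alerts.append({"time": ts, "client": client, "host": host,
                           "path": path, "via_flash": "flash" in seen})
    return alerts

if __name__ == "__main__":
    for alert in find_chains(SAMPLE_LOG):
        print(alert)
```

An alert here is only a lead for investigation: legitimate sites also serve binaries shortly after a page load, so the window and content types need tuning against your own traffic.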


