Skip to main content

New Disdain Exploit Kit Sold on Underground Hacking Forums

A new exploit kit called Disdain is been sold on underground hacking forums. The exploit kit is been advertised for rent on daily, weekly or monthly subscriptions.
Threat ID:
CC-1601
Category:
Threat Severity:
Medium
Threat Vector:
Hacking tool
Published:
24 August 2017 12:00 AM
Report a cyber attack: call 0300 303 5222 or email [email protected]

This content has been archived

This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk

Summary

A new exploit kit called Disdain is been sold on underground hacking forums. The exploit kit is been advertised for rent on daily, weekly or monthly subscriptions.

Affected platforms

The following platforms are known to be affected:

Microsoft Windows

Microsoft Windows - All Versions

Threat details

The exploit kit is being advertised as exploiting the following CVEs:

  • CVE-2017-5375
  • CVE-2017-3823
  • CVE-2017-0037
  • CVE-2016-9078
  • CVE-2016-7200
  • CVE-2016-4117
  • CVE-2016-1019
  • CVE-2016-0189
  • CVE-2015-5119
  • CVE-2015-2419
  • CVE-2014-8636
  • CVE-2014-6332
  • CVE-2014-1510
  • CVE-2013-2551
  • CVE-2013-1710

Other features within Disdain include browser and IP tracking, domain rotator, geolocation availability, untraceable panel server from payload server, RSA key exchange for exploits, and a scan domain.

Remediation steps

Type Step
  • Ensure browsers and operating systems are up to date.
  • Ensure any browser add-ons you may need are up to date.
  • Ensure anti-virus software is kept up to date.
  • Use an intrusion detection and intrusion prevention system where possible.

Last edited: 17 February 2020 11:36 am